1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
31 #include <sys/resource.h>
32 #include <linux/sched.h>
33 #include <sys/types.h>
37 #include <sys/ioctl.h>
39 #include <linux/tiocl.h>
44 #include <sys/prctl.h>
45 #include <sys/utsname.h>
47 #include <netinet/ip.h>
55 #include <sys/mount.h>
56 #include <linux/magic.h>
60 #include <sys/personality.h>
61 #include <sys/xattr.h>
62 #include <sys/statvfs.h>
66 /* When we include libgen.h because we need dirname() we immediately
67 * undefine basename() since libgen.h defines it as a macro to the XDG
68 * version which is really broken. */
72 #ifdef HAVE_SYS_AUXV_H
84 #include "path-util.h"
85 #include "exit-status.h"
89 #include "device-nodes.h"
94 #include "sparse-endian.h"
96 /* Put this test here for a lack of better place */
97 assert_cc(EAGAIN
== EWOULDBLOCK
);
100 char **saved_argv
= NULL
;
102 static volatile unsigned cached_columns
= 0;
103 static volatile unsigned cached_lines
= 0;
105 size_t page_size(void) {
106 static thread_local
size_t pgsz
= 0;
109 if (_likely_(pgsz
> 0))
112 r
= sysconf(_SC_PAGESIZE
);
119 bool streq_ptr(const char *a
, const char *b
) {
121 /* Like streq(), but tries to make sense of NULL pointers */
132 char* endswith(const char *s
, const char *postfix
) {
139 pl
= strlen(postfix
);
142 return (char*) s
+ sl
;
147 if (memcmp(s
+ sl
- pl
, postfix
, pl
) != 0)
150 return (char*) s
+ sl
- pl
;
153 char* first_word(const char *s
, const char *word
) {
160 /* Checks if the string starts with the specified word, either
161 * followed by NUL or by whitespace. Returns a pointer to the
162 * NUL or the first character after the whitespace. */
173 if (memcmp(s
, word
, wl
) != 0)
180 if (!strchr(WHITESPACE
, *p
))
183 p
+= strspn(p
, WHITESPACE
);
187 static size_t cescape_char(char c
, char *buf
) {
188 char * buf_old
= buf
;
234 /* For special chars we prefer octal over
235 * hexadecimal encoding, simply because glib's
236 * g_strescape() does the same */
237 if ((c
< ' ') || (c
>= 127)) {
239 *(buf
++) = octchar((unsigned char) c
>> 6);
240 *(buf
++) = octchar((unsigned char) c
>> 3);
241 *(buf
++) = octchar((unsigned char) c
);
247 return buf
- buf_old
;
250 int close_nointr(int fd
) {
257 * Just ignore EINTR; a retry loop is the wrong thing to do on
260 * http://lkml.indiana.edu/hypermail/linux/kernel/0509.1/0877.html
261 * https://bugzilla.gnome.org/show_bug.cgi?id=682819
262 * http://utcc.utoronto.ca/~cks/space/blog/unix/CloseEINTR
263 * https://sites.google.com/site/michaelsafyan/software-engineering/checkforeintrwheninvokingclosethinkagain
271 int safe_close(int fd
) {
274 * Like close_nointr() but cannot fail. Guarantees errno is
275 * unchanged. Is a NOP with negative fds passed, and returns
276 * -1, so that it can be used in this syntax:
278 * fd = safe_close(fd);
284 /* The kernel might return pretty much any error code
285 * via close(), but the fd will be closed anyway. The
286 * only condition we want to check for here is whether
287 * the fd was invalid at all... */
289 assert_se(close_nointr(fd
) != -EBADF
);
295 void close_many(const int fds
[], unsigned n_fd
) {
298 assert(fds
|| n_fd
<= 0);
300 for (i
= 0; i
< n_fd
; i
++)
304 int unlink_noerrno(const char *path
) {
315 int parse_boolean(const char *v
) {
318 if (streq(v
, "1") || strcaseeq(v
, "yes") || strcaseeq(v
, "y") || strcaseeq(v
, "true") || strcaseeq(v
, "t") || strcaseeq(v
, "on"))
320 else if (streq(v
, "0") || strcaseeq(v
, "no") || strcaseeq(v
, "n") || strcaseeq(v
, "false") || strcaseeq(v
, "f") || strcaseeq(v
, "off"))
326 int parse_pid(const char *s
, pid_t
* ret_pid
) {
327 unsigned long ul
= 0;
334 r
= safe_atolu(s
, &ul
);
340 if ((unsigned long) pid
!= ul
)
350 int parse_uid(const char *s
, uid_t
* ret_uid
) {
351 unsigned long ul
= 0;
358 r
= safe_atolu(s
, &ul
);
364 if ((unsigned long) uid
!= ul
)
367 /* Some libc APIs use UID_INVALID as special placeholder */
368 if (uid
== (uid_t
) 0xFFFFFFFF)
371 /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */
372 if (uid
== (uid_t
) 0xFFFF)
379 int safe_atou(const char *s
, unsigned *ret_u
) {
387 l
= strtoul(s
, &x
, 0);
389 if (!x
|| x
== s
|| *x
|| errno
)
390 return errno
> 0 ? -errno
: -EINVAL
;
392 if ((unsigned long) (unsigned) l
!= l
)
395 *ret_u
= (unsigned) l
;
399 int safe_atoi(const char *s
, int *ret_i
) {
407 l
= strtol(s
, &x
, 0);
409 if (!x
|| x
== s
|| *x
|| errno
)
410 return errno
> 0 ? -errno
: -EINVAL
;
412 if ((long) (int) l
!= l
)
419 int safe_atou8(const char *s
, uint8_t *ret
) {
427 l
= strtoul(s
, &x
, 0);
429 if (!x
|| x
== s
|| *x
|| errno
)
430 return errno
> 0 ? -errno
: -EINVAL
;
432 if ((unsigned long) (uint8_t) l
!= l
)
439 int safe_atou16(const char *s
, uint16_t *ret
) {
447 l
= strtoul(s
, &x
, 0);
449 if (!x
|| x
== s
|| *x
|| errno
)
450 return errno
> 0 ? -errno
: -EINVAL
;
452 if ((unsigned long) (uint16_t) l
!= l
)
459 int safe_atoi16(const char *s
, int16_t *ret
) {
467 l
= strtol(s
, &x
, 0);
469 if (!x
|| x
== s
|| *x
|| errno
)
470 return errno
> 0 ? -errno
: -EINVAL
;
472 if ((long) (int16_t) l
!= l
)
479 int safe_atollu(const char *s
, long long unsigned *ret_llu
) {
481 unsigned long long l
;
487 l
= strtoull(s
, &x
, 0);
489 if (!x
|| x
== s
|| *x
|| errno
)
490 return errno
? -errno
: -EINVAL
;
496 int safe_atolli(const char *s
, long long int *ret_lli
) {
504 l
= strtoll(s
, &x
, 0);
506 if (!x
|| x
== s
|| *x
|| errno
)
507 return errno
? -errno
: -EINVAL
;
513 int safe_atod(const char *s
, double *ret_d
) {
521 loc
= newlocale(LC_NUMERIC_MASK
, "C", (locale_t
) 0);
522 if (loc
== (locale_t
) 0)
526 d
= strtod_l(s
, &x
, loc
);
528 if (!x
|| x
== s
|| *x
|| errno
) {
530 return errno
? -errno
: -EINVAL
;
538 static size_t strcspn_escaped(const char *s
, const char *reject
) {
539 bool escaped
= false;
542 for (n
=0; s
[n
]; n
++) {
545 else if (s
[n
] == '\\')
547 else if (strchr(reject
, s
[n
]))
551 /* if s ends in \, return index of previous char */
555 /* Split a string into words. */
556 const char* split(const char **state
, size_t *l
, const char *separator
, bool quoted
) {
562 assert(**state
== '\0');
566 current
+= strspn(current
, separator
);
572 if (quoted
&& strchr("\'\"", *current
)) {
573 char quotechars
[2] = {*current
, '\0'};
575 *l
= strcspn_escaped(current
+ 1, quotechars
);
576 if (current
[*l
+ 1] == '\0' ||
577 (current
[*l
+ 2] && !strchr(separator
, current
[*l
+ 2]))) {
578 /* right quote missing or garbage at the end */
582 assert(current
[*l
+ 1] == quotechars
[0]);
583 *state
= current
++ + *l
+ 2;
585 *l
= strcspn_escaped(current
, separator
);
586 if (current
[*l
] && !strchr(separator
, current
[*l
])) {
587 /* unfinished escape */
591 *state
= current
+ *l
;
593 *l
= strcspn(current
, separator
);
594 *state
= current
+ *l
;
600 int get_parent_of_pid(pid_t pid
, pid_t
*_ppid
) {
602 _cleanup_free_
char *line
= NULL
;
614 p
= procfs_file_alloca(pid
, "stat");
615 r
= read_one_line_file(p
, &line
);
619 /* Let's skip the pid and comm fields. The latter is enclosed
620 * in () but does not escape any () in its value, so let's
621 * skip over it manually */
623 p
= strrchr(line
, ')');
635 if ((long unsigned) (pid_t
) ppid
!= ppid
)
638 *_ppid
= (pid_t
) ppid
;
643 int fchmod_umask(int fd
, mode_t m
) {
648 r
= fchmod(fd
, m
& (~u
)) < 0 ? -errno
: 0;
654 char *truncate_nl(char *s
) {
657 s
[strcspn(s
, NEWLINE
)] = 0;
661 int get_process_state(pid_t pid
) {
665 _cleanup_free_
char *line
= NULL
;
669 p
= procfs_file_alloca(pid
, "stat");
670 r
= read_one_line_file(p
, &line
);
674 p
= strrchr(line
, ')');
680 if (sscanf(p
, " %c", &state
) != 1)
683 return (unsigned char) state
;
686 int get_process_comm(pid_t pid
, char **name
) {
693 p
= procfs_file_alloca(pid
, "comm");
695 r
= read_one_line_file(p
, name
);
702 int get_process_cmdline(pid_t pid
, size_t max_length
, bool comm_fallback
, char **line
) {
703 _cleanup_fclose_
FILE *f
= NULL
;
711 p
= procfs_file_alloca(pid
, "cmdline");
717 if (max_length
== 0) {
718 size_t len
= 0, allocated
= 0;
720 while ((c
= getc(f
)) != EOF
) {
722 if (!GREEDY_REALLOC(r
, allocated
, len
+2)) {
727 r
[len
++] = isprint(c
) ? c
: ' ';
737 r
= new(char, max_length
);
743 while ((c
= getc(f
)) != EOF
) {
765 size_t n
= MIN(left
-1, 3U);
772 /* Kernel threads have no argv[] */
774 _cleanup_free_
char *t
= NULL
;
782 h
= get_process_comm(pid
, &t
);
786 r
= strjoin("[", t
, "]", NULL
);
795 int is_kernel_thread(pid_t pid
) {
807 p
= procfs_file_alloca(pid
, "cmdline");
812 count
= fread(&c
, 1, 1, f
);
816 /* Kernel threads have an empty cmdline */
819 return eof
? 1 : -errno
;
824 int get_process_capeff(pid_t pid
, char **capeff
) {
830 p
= procfs_file_alloca(pid
, "status");
832 return get_status_field(p
, "\nCapEff:", capeff
);
835 static int get_process_link_contents(const char *proc_file
, char **name
) {
841 r
= readlink_malloc(proc_file
, name
);
843 return r
== -ENOENT
? -ESRCH
: r
;
848 int get_process_exe(pid_t pid
, char **name
) {
855 p
= procfs_file_alloca(pid
, "exe");
856 r
= get_process_link_contents(p
, name
);
860 d
= endswith(*name
, " (deleted)");
867 static int get_process_id(pid_t pid
, const char *field
, uid_t
*uid
) {
868 _cleanup_fclose_
FILE *f
= NULL
;
878 p
= procfs_file_alloca(pid
, "status");
883 FOREACH_LINE(line
, f
, return -errno
) {
888 if (startswith(l
, field
)) {
890 l
+= strspn(l
, WHITESPACE
);
892 l
[strcspn(l
, WHITESPACE
)] = 0;
894 return parse_uid(l
, uid
);
901 int get_process_uid(pid_t pid
, uid_t
*uid
) {
902 return get_process_id(pid
, "Uid:", uid
);
905 int get_process_gid(pid_t pid
, gid_t
*gid
) {
906 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
907 return get_process_id(pid
, "Gid:", gid
);
910 int get_process_cwd(pid_t pid
, char **cwd
) {
915 p
= procfs_file_alloca(pid
, "cwd");
917 return get_process_link_contents(p
, cwd
);
920 int get_process_root(pid_t pid
, char **root
) {
925 p
= procfs_file_alloca(pid
, "root");
927 return get_process_link_contents(p
, root
);
930 int get_process_environ(pid_t pid
, char **env
) {
931 _cleanup_fclose_
FILE *f
= NULL
;
932 _cleanup_free_
char *outcome
= NULL
;
935 size_t allocated
= 0, sz
= 0;
940 p
= procfs_file_alloca(pid
, "environ");
946 while ((c
= fgetc(f
)) != EOF
) {
947 if (!GREEDY_REALLOC(outcome
, allocated
, sz
+ 5))
951 outcome
[sz
++] = '\n';
953 sz
+= cescape_char(c
, outcome
+ sz
);
963 char *strnappend(const char *s
, const char *suffix
, size_t b
) {
971 return strndup(suffix
, b
);
980 if (b
> ((size_t) -1) - a
)
983 r
= new(char, a
+b
+1);
988 memcpy(r
+a
, suffix
, b
);
994 char *strappend(const char *s
, const char *suffix
) {
995 return strnappend(s
, suffix
, suffix
? strlen(suffix
) : 0);
998 int readlinkat_malloc(int fd
, const char *p
, char **ret
) {
1013 n
= readlinkat(fd
, p
, c
, l
-1);
1020 if ((size_t) n
< l
-1) {
1031 int readlink_malloc(const char *p
, char **ret
) {
1032 return readlinkat_malloc(AT_FDCWD
, p
, ret
);
1035 int readlink_value(const char *p
, char **ret
) {
1036 _cleanup_free_
char *link
= NULL
;
1040 r
= readlink_malloc(p
, &link
);
1044 value
= basename(link
);
1048 value
= strdup(value
);
1057 int readlink_and_make_absolute(const char *p
, char **r
) {
1058 _cleanup_free_
char *target
= NULL
;
1065 j
= readlink_malloc(p
, &target
);
1069 k
= file_in_same_dir(p
, target
);
1077 int readlink_and_canonicalize(const char *p
, char **r
) {
1084 j
= readlink_and_make_absolute(p
, &t
);
1088 s
= canonicalize_file_name(t
);
1095 path_kill_slashes(*r
);
1100 int reset_all_signal_handlers(void) {
1103 for (sig
= 1; sig
< _NSIG
; sig
++) {
1104 struct sigaction sa
= {
1105 .sa_handler
= SIG_DFL
,
1106 .sa_flags
= SA_RESTART
,
1109 /* These two cannot be caught... */
1110 if (sig
== SIGKILL
|| sig
== SIGSTOP
)
1113 /* On Linux the first two RT signals are reserved by
1114 * glibc, and sigaction() will return EINVAL for them. */
1115 if ((sigaction(sig
, &sa
, NULL
) < 0))
1116 if (errno
!= EINVAL
&& r
== 0)
1123 int reset_signal_mask(void) {
1126 if (sigemptyset(&ss
) < 0)
1129 if (sigprocmask(SIG_SETMASK
, &ss
, NULL
) < 0)
1135 char *strstrip(char *s
) {
1138 /* Drops trailing whitespace. Modifies the string in
1139 * place. Returns pointer to first non-space character */
1141 s
+= strspn(s
, WHITESPACE
);
1143 for (e
= strchr(s
, 0); e
> s
; e
--)
1144 if (!strchr(WHITESPACE
, e
[-1]))
1152 char *delete_chars(char *s
, const char *bad
) {
1155 /* Drops all whitespace, regardless where in the string */
1157 for (f
= s
, t
= s
; *f
; f
++) {
1158 if (strchr(bad
, *f
))
1169 char *file_in_same_dir(const char *path
, const char *filename
) {
1176 /* This removes the last component of path and appends
1177 * filename, unless the latter is absolute anyway or the
1180 if (path_is_absolute(filename
))
1181 return strdup(filename
);
1183 e
= strrchr(path
, '/');
1185 return strdup(filename
);
1187 k
= strlen(filename
);
1188 ret
= new(char, (e
+ 1 - path
) + k
+ 1);
1192 memcpy(mempcpy(ret
, path
, e
+ 1 - path
), filename
, k
+ 1);
1196 int rmdir_parents(const char *path
, const char *stop
) {
1205 /* Skip trailing slashes */
1206 while (l
> 0 && path
[l
-1] == '/')
1212 /* Skip last component */
1213 while (l
> 0 && path
[l
-1] != '/')
1216 /* Skip trailing slashes */
1217 while (l
> 0 && path
[l
-1] == '/')
1223 if (!(t
= strndup(path
, l
)))
1226 if (path_startswith(stop
, t
)) {
1235 if (errno
!= ENOENT
)
1242 char hexchar(int x
) {
1243 static const char table
[16] = "0123456789abcdef";
1245 return table
[x
& 15];
1248 int unhexchar(char c
) {
1250 if (c
>= '0' && c
<= '9')
1253 if (c
>= 'a' && c
<= 'f')
1254 return c
- 'a' + 10;
1256 if (c
>= 'A' && c
<= 'F')
1257 return c
- 'A' + 10;
1262 char *hexmem(const void *p
, size_t l
) {
1266 z
= r
= malloc(l
* 2 + 1);
1270 for (x
= p
; x
< (const uint8_t*) p
+ l
; x
++) {
1271 *(z
++) = hexchar(*x
>> 4);
1272 *(z
++) = hexchar(*x
& 15);
1279 void *unhexmem(const char *p
, size_t l
) {
1285 z
= r
= malloc((l
+ 1) / 2 + 1);
1289 for (x
= p
; x
< p
+ l
; x
+= 2) {
1292 a
= unhexchar(x
[0]);
1294 b
= unhexchar(x
[1]);
1298 *(z
++) = (uint8_t) a
<< 4 | (uint8_t) b
;
1305 char octchar(int x
) {
1306 return '0' + (x
& 7);
1309 int unoctchar(char c
) {
1311 if (c
>= '0' && c
<= '7')
1317 char decchar(int x
) {
1318 return '0' + (x
% 10);
1321 int undecchar(char c
) {
1323 if (c
>= '0' && c
<= '9')
1329 char *cescape(const char *s
) {
1335 /* Does C style string escaping. May be reversed with
1338 r
= new(char, strlen(s
)*4 + 1);
1342 for (f
= s
, t
= r
; *f
; f
++)
1343 t
+= cescape_char(*f
, t
);
1350 static int cunescape_one(const char *p
, size_t length
, char *ret
, uint32_t *ret_unicode
) {
1357 /* Unescapes C style. Returns the unescaped character in ret,
1358 * unless we encountered a \u sequence in which case the full
1359 * unicode character is returned in ret_unicode, instead. */
1361 if (length
!= (size_t) -1 && length
< 1)
1398 /* This is an extension of the XDG syntax files */
1403 /* hexadecimal encoding */
1406 if (length
!= (size_t) -1 && length
< 3)
1409 a
= unhexchar(p
[1]);
1413 b
= unhexchar(p
[2]);
1417 /* Don't allow NUL bytes */
1418 if (a
== 0 && b
== 0)
1421 *ret
= (char) ((a
<< 4U) | b
);
1427 /* C++11 style 16bit unicode */
1433 if (length
!= (size_t) -1 && length
< 5)
1436 for (i
= 0; i
< 4; i
++) {
1437 a
[i
] = unhexchar(p
[1 + i
]);
1442 c
= ((uint32_t) a
[0] << 12U) | ((uint32_t) a
[1] << 8U) | ((uint32_t) a
[2] << 4U) | (uint32_t) a
[3];
1444 /* Don't allow 0 chars */
1463 /* C++11 style 32bit unicode */
1469 if (length
!= (size_t) -1 && length
< 9)
1472 for (i
= 0; i
< 8; i
++) {
1473 a
[i
] = unhexchar(p
[1 + i
]);
1478 c
= ((uint32_t) a
[0] << 28U) | ((uint32_t) a
[1] << 24U) | ((uint32_t) a
[2] << 20U) | ((uint32_t) a
[3] << 16U) |
1479 ((uint32_t) a
[4] << 12U) | ((uint32_t) a
[5] << 8U) | ((uint32_t) a
[6] << 4U) | (uint32_t) a
[7];
1481 /* Don't allow 0 chars */
1485 /* Don't allow invalid code points */
1486 if (!unichar_is_valid(c
))
1511 /* octal encoding */
1515 if (length
!= (size_t) -1 && length
< 4)
1518 a
= unoctchar(p
[0]);
1522 b
= unoctchar(p
[1]);
1526 c
= unoctchar(p
[2]);
1530 /* don't allow NUL bytes */
1531 if (a
== 0 && b
== 0 && c
== 0)
1534 /* Don't allow bytes above 255 */
1535 m
= ((uint32_t) a
<< 6U) | ((uint32_t) b
<< 3U) | (uint32_t) c
;
1551 int cunescape_length_with_prefix(const char *s
, size_t length
, const char *prefix
, UnescapeFlags flags
, char **ret
) {
1559 /* Undoes C style string escaping, and optionally prefixes it. */
1561 pl
= prefix
? strlen(prefix
) : 0;
1563 r
= new(char, pl
+length
+1);
1568 memcpy(r
, prefix
, pl
);
1570 for (f
= s
, t
= r
+ pl
; f
< s
+ length
; f
++) {
1576 remaining
= s
+ length
- f
;
1577 assert(remaining
> 0);
1580 /* A literal literal, copy verbatim */
1585 if (remaining
== 1) {
1586 if (flags
& UNESCAPE_RELAX
) {
1587 /* A trailing backslash, copy verbatim */
1596 k
= cunescape_one(f
+ 1, remaining
- 1, &c
, &u
);
1598 if (flags
& UNESCAPE_RELAX
) {
1599 /* Invalid escape code, let's take it literal then */
1609 /* Non-Unicode? Let's encode this directly */
1612 /* Unicode? Then let's encode this in UTF-8 */
1613 t
+= utf8_encode_unichar(t
, u
);
1624 int cunescape_length(const char *s
, size_t length
, UnescapeFlags flags
, char **ret
) {
1625 return cunescape_length_with_prefix(s
, length
, NULL
, flags
, ret
);
1628 int cunescape(const char *s
, UnescapeFlags flags
, char **ret
) {
1629 return cunescape_length(s
, strlen(s
), flags
, ret
);
1632 char *xescape(const char *s
, const char *bad
) {
1636 /* Escapes all chars in bad, in addition to \ and all special
1637 * chars, in \xFF style escaping. May be reversed with
1640 r
= new(char, strlen(s
) * 4 + 1);
1644 for (f
= s
, t
= r
; *f
; f
++) {
1646 if ((*f
< ' ') || (*f
>= 127) ||
1647 (*f
== '\\') || strchr(bad
, *f
)) {
1650 *(t
++) = hexchar(*f
>> 4);
1651 *(t
++) = hexchar(*f
);
1661 char *ascii_strlower(char *t
) {
1666 for (p
= t
; *p
; p
++)
1667 if (*p
>= 'A' && *p
<= 'Z')
1668 *p
= *p
- 'A' + 'a';
1673 _pure_
static bool hidden_file_allow_backup(const char *filename
) {
1677 filename
[0] == '.' ||
1678 streq(filename
, "lost+found") ||
1679 streq(filename
, "aquota.user") ||
1680 streq(filename
, "aquota.group") ||
1681 endswith(filename
, ".rpmnew") ||
1682 endswith(filename
, ".rpmsave") ||
1683 endswith(filename
, ".rpmorig") ||
1684 endswith(filename
, ".dpkg-old") ||
1685 endswith(filename
, ".dpkg-new") ||
1686 endswith(filename
, ".dpkg-tmp") ||
1687 endswith(filename
, ".dpkg-dist") ||
1688 endswith(filename
, ".dpkg-bak") ||
1689 endswith(filename
, ".dpkg-backup") ||
1690 endswith(filename
, ".dpkg-remove") ||
1691 endswith(filename
, ".swp");
1694 bool hidden_file(const char *filename
) {
1697 if (endswith(filename
, "~"))
1700 return hidden_file_allow_backup(filename
);
1703 int fd_nonblock(int fd
, bool nonblock
) {
1708 flags
= fcntl(fd
, F_GETFL
, 0);
1713 nflags
= flags
| O_NONBLOCK
;
1715 nflags
= flags
& ~O_NONBLOCK
;
1717 if (nflags
== flags
)
1720 if (fcntl(fd
, F_SETFL
, nflags
) < 0)
1726 int fd_cloexec(int fd
, bool cloexec
) {
1731 flags
= fcntl(fd
, F_GETFD
, 0);
1736 nflags
= flags
| FD_CLOEXEC
;
1738 nflags
= flags
& ~FD_CLOEXEC
;
1740 if (nflags
== flags
)
1743 if (fcntl(fd
, F_SETFD
, nflags
) < 0)
1749 _pure_
static bool fd_in_set(int fd
, const int fdset
[], unsigned n_fdset
) {
1752 assert(n_fdset
== 0 || fdset
);
1754 for (i
= 0; i
< n_fdset
; i
++)
1761 int close_all_fds(const int except
[], unsigned n_except
) {
1762 _cleanup_closedir_
DIR *d
= NULL
;
1766 assert(n_except
== 0 || except
);
1768 d
= opendir("/proc/self/fd");
1773 /* When /proc isn't available (for example in chroots)
1774 * the fallback is brute forcing through the fd
1777 assert_se(getrlimit(RLIMIT_NOFILE
, &rl
) >= 0);
1778 for (fd
= 3; fd
< (int) rl
.rlim_max
; fd
++) {
1780 if (fd_in_set(fd
, except
, n_except
))
1783 if (close_nointr(fd
) < 0)
1784 if (errno
!= EBADF
&& r
== 0)
1791 while ((de
= readdir(d
))) {
1794 if (hidden_file(de
->d_name
))
1797 if (safe_atoi(de
->d_name
, &fd
) < 0)
1798 /* Let's better ignore this, just in case */
1807 if (fd_in_set(fd
, except
, n_except
))
1810 if (close_nointr(fd
) < 0) {
1811 /* Valgrind has its own FD and doesn't want to have it closed */
1812 if (errno
!= EBADF
&& r
== 0)
1820 bool chars_intersect(const char *a
, const char *b
) {
1823 /* Returns true if any of the chars in a are in b. */
1824 for (p
= a
; *p
; p
++)
1831 bool fstype_is_network(const char *fstype
) {
1832 static const char table
[] =
1847 x
= startswith(fstype
, "fuse.");
1851 return nulstr_contains(table
, fstype
);
1855 _cleanup_close_
int fd
;
1857 fd
= open_terminal("/dev/tty0", O_RDWR
|O_NOCTTY
|O_CLOEXEC
);
1863 TIOCL_GETKMSGREDIRECT
,
1867 if (ioctl(fd
, TIOCLINUX
, tiocl
) < 0)
1870 vt
= tiocl
[0] <= 0 ? 1 : tiocl
[0];
1873 if (ioctl(fd
, VT_ACTIVATE
, vt
) < 0)
1879 int read_one_char(FILE *f
, char *ret
, usec_t t
, bool *need_nl
) {
1880 struct termios old_termios
, new_termios
;
1881 char c
, line
[LINE_MAX
];
1886 if (tcgetattr(fileno(f
), &old_termios
) >= 0) {
1887 new_termios
= old_termios
;
1889 new_termios
.c_lflag
&= ~ICANON
;
1890 new_termios
.c_cc
[VMIN
] = 1;
1891 new_termios
.c_cc
[VTIME
] = 0;
1893 if (tcsetattr(fileno(f
), TCSADRAIN
, &new_termios
) >= 0) {
1896 if (t
!= USEC_INFINITY
) {
1897 if (fd_wait_for_event(fileno(f
), POLLIN
, t
) <= 0) {
1898 tcsetattr(fileno(f
), TCSADRAIN
, &old_termios
);
1903 k
= fread(&c
, 1, 1, f
);
1905 tcsetattr(fileno(f
), TCSADRAIN
, &old_termios
);
1911 *need_nl
= c
!= '\n';
1918 if (t
!= USEC_INFINITY
) {
1919 if (fd_wait_for_event(fileno(f
), POLLIN
, t
) <= 0)
1924 if (!fgets(line
, sizeof(line
), f
))
1925 return errno
? -errno
: -EIO
;
1929 if (strlen(line
) != 1)
1939 int ask_char(char *ret
, const char *replies
, const char *text
, ...) {
1949 bool need_nl
= true;
1952 fputs(ANSI_HIGHLIGHT_ON
, stdout
);
1959 fputs(ANSI_HIGHLIGHT_OFF
, stdout
);
1963 r
= read_one_char(stdin
, &c
, USEC_INFINITY
, &need_nl
);
1966 if (r
== -EBADMSG
) {
1967 puts("Bad input, please try again.");
1978 if (strchr(replies
, c
)) {
1983 puts("Read unexpected character, please try again.");
1987 int ask_string(char **ret
, const char *text
, ...) {
1992 char line
[LINE_MAX
];
1996 fputs(ANSI_HIGHLIGHT_ON
, stdout
);
2003 fputs(ANSI_HIGHLIGHT_OFF
, stdout
);
2008 if (!fgets(line
, sizeof(line
), stdin
))
2009 return errno
? -errno
: -EIO
;
2011 if (!endswith(line
, "\n"))
2030 int reset_terminal_fd(int fd
, bool switch_to_text
) {
2031 struct termios termios
;
2034 /* Set terminal to some sane defaults */
2038 /* We leave locked terminal attributes untouched, so that
2039 * Plymouth may set whatever it wants to set, and we don't
2040 * interfere with that. */
2042 /* Disable exclusive mode, just in case */
2043 ioctl(fd
, TIOCNXCL
);
2045 /* Switch to text mode */
2047 ioctl(fd
, KDSETMODE
, KD_TEXT
);
2049 /* Enable console unicode mode */
2050 ioctl(fd
, KDSKBMODE
, K_UNICODE
);
2052 if (tcgetattr(fd
, &termios
) < 0) {
2057 /* We only reset the stuff that matters to the software. How
2058 * hardware is set up we don't touch assuming that somebody
2059 * else will do that for us */
2061 termios
.c_iflag
&= ~(IGNBRK
| BRKINT
| ISTRIP
| INLCR
| IGNCR
| IUCLC
);
2062 termios
.c_iflag
|= ICRNL
| IMAXBEL
| IUTF8
;
2063 termios
.c_oflag
|= ONLCR
;
2064 termios
.c_cflag
|= CREAD
;
2065 termios
.c_lflag
= ISIG
| ICANON
| IEXTEN
| ECHO
| ECHOE
| ECHOK
| ECHOCTL
| ECHOPRT
| ECHOKE
;
2067 termios
.c_cc
[VINTR
] = 03; /* ^C */
2068 termios
.c_cc
[VQUIT
] = 034; /* ^\ */
2069 termios
.c_cc
[VERASE
] = 0177;
2070 termios
.c_cc
[VKILL
] = 025; /* ^X */
2071 termios
.c_cc
[VEOF
] = 04; /* ^D */
2072 termios
.c_cc
[VSTART
] = 021; /* ^Q */
2073 termios
.c_cc
[VSTOP
] = 023; /* ^S */
2074 termios
.c_cc
[VSUSP
] = 032; /* ^Z */
2075 termios
.c_cc
[VLNEXT
] = 026; /* ^V */
2076 termios
.c_cc
[VWERASE
] = 027; /* ^W */
2077 termios
.c_cc
[VREPRINT
] = 022; /* ^R */
2078 termios
.c_cc
[VEOL
] = 0;
2079 termios
.c_cc
[VEOL2
] = 0;
2081 termios
.c_cc
[VTIME
] = 0;
2082 termios
.c_cc
[VMIN
] = 1;
2084 if (tcsetattr(fd
, TCSANOW
, &termios
) < 0)
2088 /* Just in case, flush all crap out */
2089 tcflush(fd
, TCIOFLUSH
);
2094 int reset_terminal(const char *name
) {
2095 _cleanup_close_
int fd
= -1;
2097 fd
= open_terminal(name
, O_RDWR
|O_NOCTTY
|O_CLOEXEC
);
2101 return reset_terminal_fd(fd
, true);
2104 int open_terminal(const char *name
, int mode
) {
2109 * If a TTY is in the process of being closed opening it might
2110 * cause EIO. This is horribly awful, but unlikely to be
2111 * changed in the kernel. Hence we work around this problem by
2112 * retrying a couple of times.
2114 * https://bugs.launchpad.net/ubuntu/+source/linux/+bug/554172/comments/245
2117 assert(!(mode
& O_CREAT
));
2120 fd
= open(name
, mode
, 0);
2127 /* Max 1s in total */
2131 usleep(50 * USEC_PER_MSEC
);
2149 int flush_fd(int fd
) {
2150 struct pollfd pollfd
= {
2160 r
= poll(&pollfd
, 1, 0);
2170 l
= read(fd
, buf
, sizeof(buf
));
2176 if (errno
== EAGAIN
)
2185 int acquire_terminal(
2189 bool ignore_tiocstty_eperm
,
2192 int fd
= -1, notify
= -1, r
= 0, wd
= -1;
2197 /* We use inotify to be notified when the tty is closed. We
2198 * create the watch before checking if we can actually acquire
2199 * it, so that we don't lose any event.
2201 * Note: strictly speaking this actually watches for the
2202 * device being closed, it does *not* really watch whether a
2203 * tty loses its controlling process. However, unless some
2204 * rogue process uses TIOCNOTTY on /dev/tty *after* closing
2205 * its tty otherwise this will not become a problem. As long
2206 * as the administrator makes sure not configure any service
2207 * on the same tty as an untrusted user this should not be a
2208 * problem. (Which he probably should not do anyway.) */
2210 if (timeout
!= USEC_INFINITY
)
2211 ts
= now(CLOCK_MONOTONIC
);
2213 if (!fail
&& !force
) {
2214 notify
= inotify_init1(IN_CLOEXEC
| (timeout
!= USEC_INFINITY
? IN_NONBLOCK
: 0));
2220 wd
= inotify_add_watch(notify
, name
, IN_CLOSE
);
2228 struct sigaction sa_old
, sa_new
= {
2229 .sa_handler
= SIG_IGN
,
2230 .sa_flags
= SA_RESTART
,
2234 r
= flush_fd(notify
);
2239 /* We pass here O_NOCTTY only so that we can check the return
2240 * value TIOCSCTTY and have a reliable way to figure out if we
2241 * successfully became the controlling process of the tty */
2242 fd
= open_terminal(name
, O_RDWR
|O_NOCTTY
|O_CLOEXEC
);
2246 /* Temporarily ignore SIGHUP, so that we don't get SIGHUP'ed
2247 * if we already own the tty. */
2248 assert_se(sigaction(SIGHUP
, &sa_new
, &sa_old
) == 0);
2250 /* First, try to get the tty */
2251 if (ioctl(fd
, TIOCSCTTY
, force
) < 0)
2254 assert_se(sigaction(SIGHUP
, &sa_old
, NULL
) == 0);
2256 /* Sometimes it makes sense to ignore TIOCSCTTY
2257 * returning EPERM, i.e. when very likely we already
2258 * are have this controlling terminal. */
2259 if (r
< 0 && r
== -EPERM
&& ignore_tiocstty_eperm
)
2262 if (r
< 0 && (force
|| fail
|| r
!= -EPERM
)) {
2271 assert(notify
>= 0);
2274 union inotify_event_buffer buffer
;
2275 struct inotify_event
*e
;
2278 if (timeout
!= USEC_INFINITY
) {
2281 n
= now(CLOCK_MONOTONIC
);
2282 if (ts
+ timeout
< n
) {
2287 r
= fd_wait_for_event(fd
, POLLIN
, ts
+ timeout
- n
);
2297 l
= read(notify
, &buffer
, sizeof(buffer
));
2299 if (errno
== EINTR
|| errno
== EAGAIN
)
2306 FOREACH_INOTIFY_EVENT(e
, buffer
, l
) {
2307 if (e
->wd
!= wd
|| !(e
->mask
& IN_CLOSE
)) {
2316 /* We close the tty fd here since if the old session
2317 * ended our handle will be dead. It's important that
2318 * we do this after sleeping, so that we don't enter
2319 * an endless loop. */
2320 fd
= safe_close(fd
);
2325 r
= reset_terminal_fd(fd
, true);
2327 log_warning_errno(r
, "Failed to reset terminal: %m");
2338 int release_terminal(void) {
2339 static const struct sigaction sa_new
= {
2340 .sa_handler
= SIG_IGN
,
2341 .sa_flags
= SA_RESTART
,
2344 _cleanup_close_
int fd
= -1;
2345 struct sigaction sa_old
;
2348 fd
= open("/dev/tty", O_RDWR
|O_NOCTTY
|O_NDELAY
|O_CLOEXEC
);
2352 /* Temporarily ignore SIGHUP, so that we don't get SIGHUP'ed
2353 * by our own TIOCNOTTY */
2354 assert_se(sigaction(SIGHUP
, &sa_new
, &sa_old
) == 0);
2356 if (ioctl(fd
, TIOCNOTTY
) < 0)
2359 assert_se(sigaction(SIGHUP
, &sa_old
, NULL
) == 0);
2364 int sigaction_many(const struct sigaction
*sa
, ...) {
2369 while ((sig
= va_arg(ap
, int)) > 0)
2370 if (sigaction(sig
, sa
, NULL
) < 0)
2377 int ignore_signals(int sig
, ...) {
2378 struct sigaction sa
= {
2379 .sa_handler
= SIG_IGN
,
2380 .sa_flags
= SA_RESTART
,
2385 if (sigaction(sig
, &sa
, NULL
) < 0)
2389 while ((sig
= va_arg(ap
, int)) > 0)
2390 if (sigaction(sig
, &sa
, NULL
) < 0)
2397 int default_signals(int sig
, ...) {
2398 struct sigaction sa
= {
2399 .sa_handler
= SIG_DFL
,
2400 .sa_flags
= SA_RESTART
,
2405 if (sigaction(sig
, &sa
, NULL
) < 0)
2409 while ((sig
= va_arg(ap
, int)) > 0)
2410 if (sigaction(sig
, &sa
, NULL
) < 0)
2417 void safe_close_pair(int p
[]) {
2421 /* Special case pairs which use the same fd in both
2423 p
[0] = p
[1] = safe_close(p
[0]);
2427 p
[0] = safe_close(p
[0]);
2428 p
[1] = safe_close(p
[1]);
2431 ssize_t
loop_read(int fd
, void *buf
, size_t nbytes
, bool do_poll
) {
2438 while (nbytes
> 0) {
2441 k
= read(fd
, p
, nbytes
);
2446 if (errno
== EAGAIN
&& do_poll
) {
2448 /* We knowingly ignore any return value here,
2449 * and expect that any error/EOF is reported
2452 fd_wait_for_event(fd
, POLLIN
, USEC_INFINITY
);
2456 return n
> 0 ? n
: -errno
;
2470 int loop_read_exact(int fd
, void *buf
, size_t nbytes
, bool do_poll
) {
2473 n
= loop_read(fd
, buf
, nbytes
, do_poll
);
2476 if ((size_t) n
!= nbytes
)
2481 int loop_write(int fd
, const void *buf
, size_t nbytes
, bool do_poll
) {
2482 const uint8_t *p
= buf
;
2489 while (nbytes
> 0) {
2492 k
= write(fd
, p
, nbytes
);
2497 if (errno
== EAGAIN
&& do_poll
) {
2498 /* We knowingly ignore any return value here,
2499 * and expect that any error/EOF is reported
2502 fd_wait_for_event(fd
, POLLOUT
, USEC_INFINITY
);
2509 if (k
== 0) /* Can't really happen */
2519 int parse_size(const char *t
, off_t base
, off_t
*size
) {
2521 /* Soo, sometimes we want to parse IEC binary suffxies, and
2522 * sometimes SI decimal suffixes. This function can parse
2523 * both. Which one is the right way depends on the
2524 * context. Wikipedia suggests that SI is customary for
2525 * hardrware metrics and network speeds, while IEC is
2526 * customary for most data sizes used by software and volatile
2527 * (RAM) memory. Hence be careful which one you pick!
2529 * In either case we use just K, M, G as suffix, and not Ki,
2530 * Mi, Gi or so (as IEC would suggest). That's because that's
2531 * frickin' ugly. But this means you really need to make sure
2532 * to document which base you are parsing when you use this
2537 unsigned long long factor
;
2540 static const struct table iec
[] = {
2541 { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
2542 { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
2543 { "T", 1024ULL*1024ULL*1024ULL*1024ULL },
2544 { "G", 1024ULL*1024ULL*1024ULL },
2545 { "M", 1024ULL*1024ULL },
2551 static const struct table si
[] = {
2552 { "E", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
2553 { "P", 1000ULL*1000ULL*1000ULL*1000ULL*1000ULL },
2554 { "T", 1000ULL*1000ULL*1000ULL*1000ULL },
2555 { "G", 1000ULL*1000ULL*1000ULL },
2556 { "M", 1000ULL*1000ULL },
2562 const struct table
*table
;
2564 unsigned long long r
= 0;
2565 unsigned n_entries
, start_pos
= 0;
2568 assert(base
== 1000 || base
== 1024);
2573 n_entries
= ELEMENTSOF(si
);
2576 n_entries
= ELEMENTSOF(iec
);
2582 unsigned long long l2
;
2588 l
= strtoll(p
, &e
, 10);
2601 if (*e
>= '0' && *e
<= '9') {
2604 /* strotoull itself would accept space/+/- */
2605 l2
= strtoull(e
, &e2
, 10);
2607 if (errno
== ERANGE
)
2610 /* Ignore failure. E.g. 10.M is valid */
2617 e
+= strspn(e
, WHITESPACE
);
2619 for (i
= start_pos
; i
< n_entries
; i
++)
2620 if (startswith(e
, table
[i
].suffix
)) {
2621 unsigned long long tmp
;
2622 if ((unsigned long long) l
+ (frac
> 0) > ULLONG_MAX
/ table
[i
].factor
)
2624 tmp
= l
* table
[i
].factor
+ (unsigned long long) (frac
* table
[i
].factor
);
2625 if (tmp
> ULLONG_MAX
- r
)
2629 if ((unsigned long long) (off_t
) r
!= r
)
2632 p
= e
+ strlen(table
[i
].suffix
);
2648 int make_stdio(int fd
) {
2653 r
= dup2(fd
, STDIN_FILENO
);
2654 s
= dup2(fd
, STDOUT_FILENO
);
2655 t
= dup2(fd
, STDERR_FILENO
);
2660 if (r
< 0 || s
< 0 || t
< 0)
2663 /* Explicitly unset O_CLOEXEC, since if fd was < 3, then
2664 * dup2() was a NOP and the bit hence possibly set. */
2665 fd_cloexec(STDIN_FILENO
, false);
2666 fd_cloexec(STDOUT_FILENO
, false);
2667 fd_cloexec(STDERR_FILENO
, false);
2672 int make_null_stdio(void) {
2675 null_fd
= open("/dev/null", O_RDWR
|O_NOCTTY
);
2679 return make_stdio(null_fd
);
2682 bool is_device_path(const char *path
) {
2684 /* Returns true on paths that refer to a device, either in
2685 * sysfs or in /dev */
2688 path_startswith(path
, "/dev/") ||
2689 path_startswith(path
, "/sys/");
2692 int dir_is_empty(const char *path
) {
2693 _cleanup_closedir_
DIR *d
;
2704 if (!de
&& errno
!= 0)
2710 if (!hidden_file(de
->d_name
))
2715 char* dirname_malloc(const char *path
) {
2716 char *d
, *dir
, *dir2
;
2733 int dev_urandom(void *p
, size_t n
) {
2734 static int have_syscall
= -1;
2736 _cleanup_close_
int fd
= -1;
2739 /* Gathers some randomness from the kernel. This call will
2740 * never block, and will always return some data from the
2741 * kernel, regardless if the random pool is fully initialized
2742 * or not. It thus makes no guarantee for the quality of the
2743 * returned entropy, but is good enough for or usual usecases
2744 * of seeding the hash functions for hashtable */
2746 /* Use the getrandom() syscall unless we know we don't have
2747 * it, or when the requested size is too large for it. */
2748 if (have_syscall
!= 0 || (size_t) (int) n
!= n
) {
2749 r
= getrandom(p
, n
, GRND_NONBLOCK
);
2751 have_syscall
= true;
2756 if (errno
== ENOSYS
)
2757 /* we lack the syscall, continue with
2758 * reading from /dev/urandom */
2759 have_syscall
= false;
2760 else if (errno
== EAGAIN
)
2761 /* not enough entropy for now. Let's
2762 * remember to use the syscall the
2763 * next time, again, but also read
2764 * from /dev/urandom for now, which
2765 * doesn't care about the current
2766 * amount of entropy. */
2767 have_syscall
= true;
2771 /* too short read? */
2775 fd
= open("/dev/urandom", O_RDONLY
|O_CLOEXEC
|O_NOCTTY
);
2777 return errno
== ENOENT
? -ENOSYS
: -errno
;
2779 return loop_read_exact(fd
, p
, n
, true);
2782 void initialize_srand(void) {
2783 static bool srand_called
= false;
2785 #ifdef HAVE_SYS_AUXV_H
2794 #ifdef HAVE_SYS_AUXV_H
2795 /* The kernel provides us with a bit of entropy in auxv, so
2796 * let's try to make use of that to seed the pseudo-random
2797 * generator. It's better than nothing... */
2799 auxv
= (void*) getauxval(AT_RANDOM
);
2801 x
^= *(unsigned*) auxv
;
2804 x
^= (unsigned) now(CLOCK_REALTIME
);
2805 x
^= (unsigned) gettid();
2808 srand_called
= true;
2811 void random_bytes(void *p
, size_t n
) {
2815 r
= dev_urandom(p
, n
);
2819 /* If some idiot made /dev/urandom unavailable to us, he'll
2820 * get a PRNG instead. */
2824 for (q
= p
; q
< (uint8_t*) p
+ n
; q
++)
2828 void rename_process(const char name
[8]) {
2831 /* This is a like a poor man's setproctitle(). It changes the
2832 * comm field, argv[0], and also the glibc's internally used
2833 * name of the process. For the first one a limit of 16 chars
2834 * applies, to the second one usually one of 10 (i.e. length
2835 * of "/sbin/init"), to the third one one of 7 (i.e. length of
2836 * "systemd"). If you pass a longer string it will be
2839 prctl(PR_SET_NAME
, name
);
2841 if (program_invocation_name
)
2842 strncpy(program_invocation_name
, name
, strlen(program_invocation_name
));
2844 if (saved_argc
> 0) {
2848 strncpy(saved_argv
[0], name
, strlen(saved_argv
[0]));
2850 for (i
= 1; i
< saved_argc
; i
++) {
2854 memzero(saved_argv
[i
], strlen(saved_argv
[i
]));
2859 void sigset_add_many(sigset_t
*ss
, ...) {
2866 while ((sig
= va_arg(ap
, int)) > 0)
2867 assert_se(sigaddset(ss
, sig
) == 0);
2871 int sigprocmask_many(int how
, ...) {
2876 assert_se(sigemptyset(&ss
) == 0);
2879 while ((sig
= va_arg(ap
, int)) > 0)
2880 assert_se(sigaddset(&ss
, sig
) == 0);
2883 if (sigprocmask(how
, &ss
, NULL
) < 0)
2889 char* gethostname_malloc(void) {
2892 assert_se(uname(&u
) >= 0);
2894 if (!isempty(u
.nodename
) && !streq(u
.nodename
, "(none)"))
2895 return strdup(u
.nodename
);
2897 return strdup(u
.sysname
);
2900 bool hostname_is_set(void) {
2903 assert_se(uname(&u
) >= 0);
2905 return !isempty(u
.nodename
) && !streq(u
.nodename
, "(none)");
2908 char *lookup_uid(uid_t uid
) {
2911 _cleanup_free_
char *buf
= NULL
;
2912 struct passwd pwbuf
, *pw
= NULL
;
2914 /* Shortcut things to avoid NSS lookups */
2916 return strdup("root");
2918 bufsize
= sysconf(_SC_GETPW_R_SIZE_MAX
);
2922 buf
= malloc(bufsize
);
2926 if (getpwuid_r(uid
, &pwbuf
, buf
, bufsize
, &pw
) == 0 && pw
)
2927 return strdup(pw
->pw_name
);
2929 if (asprintf(&name
, UID_FMT
, uid
) < 0)
2935 char* getlogname_malloc(void) {
2939 if (isatty(STDIN_FILENO
) && fstat(STDIN_FILENO
, &st
) >= 0)
2944 return lookup_uid(uid
);
2947 char *getusername_malloc(void) {
2954 return lookup_uid(getuid());
2957 int getttyname_malloc(int fd
, char **ret
) {
2967 r
= ttyname_r(fd
, path
, sizeof(path
));
2972 p
= startswith(path
, "/dev/");
2973 c
= strdup(p
?: path
);
2990 int getttyname_harder(int fd
, char **r
) {
2994 k
= getttyname_malloc(fd
, &s
);
2998 if (streq(s
, "tty")) {
3000 return get_ctty(0, NULL
, r
);
3007 int get_ctty_devnr(pid_t pid
, dev_t
*d
) {
3009 _cleanup_free_
char *line
= NULL
;
3011 unsigned long ttynr
;
3015 p
= procfs_file_alloca(pid
, "stat");
3016 r
= read_one_line_file(p
, &line
);
3020 p
= strrchr(line
, ')');
3030 "%*d " /* session */
3035 if (major(ttynr
) == 0 && minor(ttynr
) == 0)
3044 int get_ctty(pid_t pid
, dev_t
*_devnr
, char **r
) {
3045 char fn
[sizeof("/dev/char/")-1 + 2*DECIMAL_STR_MAX(unsigned) + 1 + 1], *b
= NULL
;
3046 _cleanup_free_
char *s
= NULL
;
3053 k
= get_ctty_devnr(pid
, &devnr
);
3057 sprintf(fn
, "/dev/char/%u:%u", major(devnr
), minor(devnr
));
3059 k
= readlink_malloc(fn
, &s
);
3065 /* This is an ugly hack */
3066 if (major(devnr
) == 136) {
3067 if (asprintf(&b
, "pts/%u", minor(devnr
)) < 0)
3070 /* Probably something like the ptys which have no
3071 * symlink in /dev/char. Let's return something
3072 * vaguely useful. */
3079 if (startswith(s
, "/dev/"))
3081 else if (startswith(s
, "../"))
3098 bool is_temporary_fs(const struct statfs
*s
) {
3101 return F_TYPE_EQUAL(s
->f_type
, TMPFS_MAGIC
) ||
3102 F_TYPE_EQUAL(s
->f_type
, RAMFS_MAGIC
);
3105 int fd_is_temporary_fs(int fd
) {
3108 if (fstatfs(fd
, &s
) < 0)
3111 return is_temporary_fs(&s
);
3114 int chmod_and_chown(const char *path
, mode_t mode
, uid_t uid
, gid_t gid
) {
3117 /* Under the assumption that we are running privileged we
3118 * first change the access mode and only then hand out
3119 * ownership to avoid a window where access is too open. */
3121 if (mode
!= MODE_INVALID
)
3122 if (chmod(path
, mode
) < 0)
3125 if (uid
!= UID_INVALID
|| gid
!= GID_INVALID
)
3126 if (chown(path
, uid
, gid
) < 0)
3132 int fchmod_and_fchown(int fd
, mode_t mode
, uid_t uid
, gid_t gid
) {
3135 /* Under the assumption that we are running privileged we
3136 * first change the access mode and only then hand out
3137 * ownership to avoid a window where access is too open. */
3139 if (mode
!= MODE_INVALID
)
3140 if (fchmod(fd
, mode
) < 0)
3143 if (uid
!= UID_INVALID
|| gid
!= GID_INVALID
)
3144 if (fchown(fd
, uid
, gid
) < 0)
3150 cpu_set_t
* cpu_set_malloc(unsigned *ncpus
) {
3154 /* Allocates the cpuset in the right size */
3157 if (!(r
= CPU_ALLOC(n
)))
3160 if (sched_getaffinity(0, CPU_ALLOC_SIZE(n
), r
) >= 0) {
3161 CPU_ZERO_S(CPU_ALLOC_SIZE(n
), r
);
3171 if (errno
!= EINVAL
)
3178 int status_vprintf(const char *status
, bool ellipse
, bool ephemeral
, const char *format
, va_list ap
) {
3179 static const char status_indent
[] = " "; /* "[" STATUS "] " */
3180 _cleanup_free_
char *s
= NULL
;
3181 _cleanup_close_
int fd
= -1;
3182 struct iovec iovec
[6] = {};
3184 static bool prev_ephemeral
;
3188 /* This is independent of logging, as status messages are
3189 * optional and go exclusively to the console. */
3191 if (vasprintf(&s
, format
, ap
) < 0)
3194 fd
= open_terminal("/dev/console", O_WRONLY
|O_NOCTTY
|O_CLOEXEC
);
3207 sl
= status
? sizeof(status_indent
)-1 : 0;
3213 e
= ellipsize(s
, emax
, 50);
3221 IOVEC_SET_STRING(iovec
[n
++], "\r" ANSI_ERASE_TO_END_OF_LINE
);
3222 prev_ephemeral
= ephemeral
;
3225 if (!isempty(status
)) {
3226 IOVEC_SET_STRING(iovec
[n
++], "[");
3227 IOVEC_SET_STRING(iovec
[n
++], status
);
3228 IOVEC_SET_STRING(iovec
[n
++], "] ");
3230 IOVEC_SET_STRING(iovec
[n
++], status_indent
);
3233 IOVEC_SET_STRING(iovec
[n
++], s
);
3235 IOVEC_SET_STRING(iovec
[n
++], "\n");
3237 if (writev(fd
, iovec
, n
) < 0)
3243 int status_printf(const char *status
, bool ellipse
, bool ephemeral
, const char *format
, ...) {
3249 va_start(ap
, format
);
3250 r
= status_vprintf(status
, ellipse
, ephemeral
, format
, ap
);
3256 char *replace_env(const char *format
, char **env
) {
3263 const char *e
, *word
= format
;
3268 for (e
= format
; *e
; e
++) {
3279 k
= strnappend(r
, word
, e
-word
-1);
3289 } else if (*e
== '$') {
3290 k
= strnappend(r
, word
, e
-word
);
3307 t
= strempty(strv_env_get_n(env
, word
+2, e
-word
-2));
3309 k
= strappend(r
, t
);
3323 k
= strnappend(r
, word
, e
-word
);
3335 char **replace_env_argv(char **argv
, char **env
) {
3337 unsigned k
= 0, l
= 0;
3339 l
= strv_length(argv
);
3341 ret
= new(char*, l
+1);
3345 STRV_FOREACH(i
, argv
) {
3347 /* If $FOO appears as single word, replace it by the split up variable */
3348 if ((*i
)[0] == '$' && (*i
)[1] != '{') {
3350 char **w
, **m
= NULL
;
3353 e
= strv_env_get(env
, *i
+1);
3357 r
= strv_split_quoted(&m
, e
, UNQUOTE_RELAX
);
3369 w
= realloc(ret
, sizeof(char*) * (l
+1));
3379 memcpy(ret
+ k
, m
, q
* sizeof(char*));
3387 /* If ${FOO} appears as part of a word, replace it by the variable as-is */
3388 ret
[k
] = replace_env(*i
, env
);
3400 int fd_columns(int fd
) {
3401 struct winsize ws
= {};
3403 if (ioctl(fd
, TIOCGWINSZ
, &ws
) < 0)
3412 unsigned columns(void) {
3416 if (_likely_(cached_columns
> 0))
3417 return cached_columns
;
3420 e
= getenv("COLUMNS");
3422 (void) safe_atoi(e
, &c
);
3425 c
= fd_columns(STDOUT_FILENO
);
3431 return cached_columns
;
3434 int fd_lines(int fd
) {
3435 struct winsize ws
= {};
3437 if (ioctl(fd
, TIOCGWINSZ
, &ws
) < 0)
3446 unsigned lines(void) {
3450 if (_likely_(cached_lines
> 0))
3451 return cached_lines
;
3454 e
= getenv("LINES");
3456 (void) safe_atoi(e
, &l
);
3459 l
= fd_lines(STDOUT_FILENO
);
3465 return cached_lines
;
3468 /* intended to be used as a SIGWINCH sighandler */
3469 void columns_lines_cache_reset(int signum
) {
3475 static int cached_on_tty
= -1;
3477 if (_unlikely_(cached_on_tty
< 0))
3478 cached_on_tty
= isatty(STDOUT_FILENO
) > 0;
3480 return cached_on_tty
;
3483 int files_same(const char *filea
, const char *fileb
) {
3486 if (stat(filea
, &a
) < 0)
3489 if (stat(fileb
, &b
) < 0)
3492 return a
.st_dev
== b
.st_dev
&&
3493 a
.st_ino
== b
.st_ino
;
3496 int running_in_chroot(void) {
3499 ret
= files_same("/proc/1/root", "/");
3506 static char *ascii_ellipsize_mem(const char *s
, size_t old_length
, size_t new_length
, unsigned percent
) {
3511 assert(percent
<= 100);
3512 assert(new_length
>= 3);
3514 if (old_length
<= 3 || old_length
<= new_length
)
3515 return strndup(s
, old_length
);
3517 r
= new0(char, new_length
+1);
3521 x
= (new_length
* percent
) / 100;
3523 if (x
> new_length
- 3)
3531 s
+ old_length
- (new_length
- x
- 3),
3532 new_length
- x
- 3);
3537 char *ellipsize_mem(const char *s
, size_t old_length
, size_t new_length
, unsigned percent
) {
3541 unsigned k
, len
, len2
;
3544 assert(percent
<= 100);
3545 assert(new_length
>= 3);
3547 /* if no multibyte characters use ascii_ellipsize_mem for speed */
3548 if (ascii_is_valid(s
))
3549 return ascii_ellipsize_mem(s
, old_length
, new_length
, percent
);
3551 if (old_length
<= 3 || old_length
<= new_length
)
3552 return strndup(s
, old_length
);
3554 x
= (new_length
* percent
) / 100;
3556 if (x
> new_length
- 3)
3560 for (i
= s
; k
< x
&& i
< s
+ old_length
; i
= utf8_next_char(i
)) {
3563 c
= utf8_encoded_to_unichar(i
);
3566 k
+= unichar_iswide(c
) ? 2 : 1;
3569 if (k
> x
) /* last character was wide and went over quota */
3572 for (j
= s
+ old_length
; k
< new_length
&& j
> i
; ) {
3575 j
= utf8_prev_char(j
);
3576 c
= utf8_encoded_to_unichar(j
);
3579 k
+= unichar_iswide(c
) ? 2 : 1;
3583 /* we don't actually need to ellipsize */
3585 return memdup(s
, old_length
+ 1);
3587 /* make space for ellipsis */
3588 j
= utf8_next_char(j
);
3591 len2
= s
+ old_length
- j
;
3592 e
= new(char, len
+ 3 + len2
+ 1);
3597 printf("old_length=%zu new_length=%zu x=%zu len=%u len2=%u k=%u\n",
3598 old_length, new_length, x, len, len2, k);
3602 e
[len
] = 0xe2; /* tri-dot ellipsis: … */
3606 memcpy(e
+ len
+ 3, j
, len2
+ 1);
3611 char *ellipsize(const char *s
, size_t length
, unsigned percent
) {
3612 return ellipsize_mem(s
, strlen(s
), length
, percent
);
3615 int touch_file(const char *path
, bool parents
, usec_t stamp
, uid_t uid
, gid_t gid
, mode_t mode
) {
3616 _cleanup_close_
int fd
;
3622 mkdir_parents(path
, 0755);
3624 fd
= open(path
, O_WRONLY
|O_CREAT
|O_CLOEXEC
|O_NOCTTY
, mode
> 0 ? mode
: 0644);
3629 r
= fchmod(fd
, mode
);
3634 if (uid
!= UID_INVALID
|| gid
!= GID_INVALID
) {
3635 r
= fchown(fd
, uid
, gid
);
3640 if (stamp
!= USEC_INFINITY
) {
3641 struct timespec ts
[2];
3643 timespec_store(&ts
[0], stamp
);
3645 r
= futimens(fd
, ts
);
3647 r
= futimens(fd
, NULL
);
3654 int touch(const char *path
) {
3655 return touch_file(path
, false, USEC_INFINITY
, UID_INVALID
, GID_INVALID
, 0);
3658 static char *unquote(const char *s
, const char* quotes
) {
3662 /* This is rather stupid, simply removes the heading and
3663 * trailing quotes if there is one. Doesn't care about
3664 * escaping or anything.
3666 * DON'T USE THIS FOR NEW CODE ANYMORE!*/
3672 if (strchr(quotes
, s
[0]) && s
[l
-1] == s
[0])
3673 return strndup(s
+1, l
-2);
3678 char *normalize_env_assignment(const char *s
) {
3679 _cleanup_free_
char *value
= NULL
;
3683 eq
= strchr(s
, '=');
3693 memmove(r
, t
, strlen(t
) + 1);
3698 name
= strndupa(s
, eq
- s
);
3699 p
= strdupa(eq
+ 1);
3701 value
= unquote(strstrip(p
), QUOTES
);
3705 return strjoin(strstrip(name
), "=", value
, NULL
);
3708 int wait_for_terminate(pid_t pid
, siginfo_t
*status
) {
3719 if (waitid(P_PID
, pid
, status
, WEXITED
) < 0) {
3733 * < 0 : wait_for_terminate() failed to get the state of the
3734 * process, the process was terminated by a signal, or
3735 * failed for an unknown reason.
3736 * >=0 : The process terminated normally, and its exit code is
3739 * That is, success is indicated by a return value of zero, and an
3740 * error is indicated by a non-zero value.
3742 * A warning is emitted if the process terminates abnormally,
3743 * and also if it returns non-zero unless check_exit_code is true.
3745 int wait_for_terminate_and_warn(const char *name
, pid_t pid
, bool check_exit_code
) {
3752 r
= wait_for_terminate(pid
, &status
);
3754 return log_warning_errno(r
, "Failed to wait for %s: %m", name
);
3756 if (status
.si_code
== CLD_EXITED
) {
3757 if (status
.si_status
!= 0)
3758 log_full(check_exit_code
? LOG_WARNING
: LOG_DEBUG
,
3759 "%s failed with error code %i.", name
, status
.si_status
);
3761 log_debug("%s succeeded.", name
);
3763 return status
.si_status
;
3764 } else if (status
.si_code
== CLD_KILLED
||
3765 status
.si_code
== CLD_DUMPED
) {
3767 log_warning("%s terminated by signal %s.", name
, signal_to_string(status
.si_status
));
3771 log_warning("%s failed due to unknown reason.", name
);
3775 noreturn
void freeze(void) {
3777 /* Make sure nobody waits for us on a socket anymore */
3778 close_all_fds(NULL
, 0);
3786 bool null_or_empty(struct stat
*st
) {
3789 if (S_ISREG(st
->st_mode
) && st
->st_size
<= 0)
3792 if (S_ISCHR(st
->st_mode
) || S_ISBLK(st
->st_mode
))
3798 int null_or_empty_path(const char *fn
) {
3803 if (stat(fn
, &st
) < 0)
3806 return null_or_empty(&st
);
3809 int null_or_empty_fd(int fd
) {
3814 if (fstat(fd
, &st
) < 0)
3817 return null_or_empty(&st
);
3820 DIR *xopendirat(int fd
, const char *name
, int flags
) {
3824 assert(!(flags
& O_CREAT
));
3826 nfd
= openat(fd
, name
, O_RDONLY
|O_NONBLOCK
|O_DIRECTORY
|O_CLOEXEC
|flags
, 0);
3839 int signal_from_string_try_harder(const char *s
) {
3843 signo
= signal_from_string(s
);
3845 if (startswith(s
, "SIG"))
3846 return signal_from_string(s
+3);
3851 static char *tag_to_udev_node(const char *tagvalue
, const char *by
) {
3852 _cleanup_free_
char *t
= NULL
, *u
= NULL
;
3855 u
= unquote(tagvalue
, QUOTES
);
3859 enc_len
= strlen(u
) * 4 + 1;
3860 t
= new(char, enc_len
);
3864 if (encode_devnode_name(u
, t
, enc_len
) < 0)
3867 return strjoin("/dev/disk/by-", by
, "/", t
, NULL
);
3870 char *fstab_node_to_udev_node(const char *p
) {
3873 if (startswith(p
, "LABEL="))
3874 return tag_to_udev_node(p
+6, "label");
3876 if (startswith(p
, "UUID="))
3877 return tag_to_udev_node(p
+5, "uuid");
3879 if (startswith(p
, "PARTUUID="))
3880 return tag_to_udev_node(p
+9, "partuuid");
3882 if (startswith(p
, "PARTLABEL="))
3883 return tag_to_udev_node(p
+10, "partlabel");
3888 bool tty_is_vc(const char *tty
) {
3891 return vtnr_from_tty(tty
) >= 0;
3894 bool tty_is_console(const char *tty
) {
3897 if (startswith(tty
, "/dev/"))
3900 return streq(tty
, "console");
3903 int vtnr_from_tty(const char *tty
) {
3908 if (startswith(tty
, "/dev/"))
3911 if (!startswith(tty
, "tty") )
3914 if (tty
[3] < '0' || tty
[3] > '9')
3917 r
= safe_atoi(tty
+3, &i
);
3921 if (i
< 0 || i
> 63)
3927 char *resolve_dev_console(char **active
) {
3930 /* Resolve where /dev/console is pointing to, if /sys is actually ours
3931 * (i.e. not read-only-mounted which is a sign for container setups) */
3933 if (path_is_read_only_fs("/sys") > 0)
3936 if (read_one_line_file("/sys/class/tty/console/active", active
) < 0)
3939 /* If multiple log outputs are configured the last one is what
3940 * /dev/console points to */
3941 tty
= strrchr(*active
, ' ');
3947 if (streq(tty
, "tty0")) {
3950 /* Get the active VC (e.g. tty1) */
3951 if (read_one_line_file("/sys/class/tty/tty0/active", &tmp
) >= 0) {
3953 tty
= *active
= tmp
;
3960 bool tty_is_vc_resolve(const char *tty
) {
3961 _cleanup_free_
char *active
= NULL
;
3965 if (startswith(tty
, "/dev/"))
3968 if (streq(tty
, "console")) {
3969 tty
= resolve_dev_console(&active
);
3974 return tty_is_vc(tty
);
3977 const char *default_term_for_tty(const char *tty
) {
3980 return tty_is_vc_resolve(tty
) ? "TERM=linux" : "TERM=vt220";
3983 bool dirent_is_file(const struct dirent
*de
) {
3986 if (hidden_file(de
->d_name
))
3989 if (de
->d_type
!= DT_REG
&&
3990 de
->d_type
!= DT_LNK
&&
3991 de
->d_type
!= DT_UNKNOWN
)
3997 bool dirent_is_file_with_suffix(const struct dirent
*de
, const char *suffix
) {
4000 if (de
->d_type
!= DT_REG
&&
4001 de
->d_type
!= DT_LNK
&&
4002 de
->d_type
!= DT_UNKNOWN
)
4005 if (hidden_file_allow_backup(de
->d_name
))
4008 return endswith(de
->d_name
, suffix
);
4011 static int do_execute(char **directories
, usec_t timeout
, char *argv
[]) {
4012 _cleanup_hashmap_free_free_ Hashmap
*pids
= NULL
;
4013 _cleanup_set_free_free_ Set
*seen
= NULL
;
4016 /* We fork this all off from a child process so that we can
4017 * somewhat cleanly make use of SIGALRM to set a time limit */
4019 reset_all_signal_handlers();
4020 reset_signal_mask();
4022 assert_se(prctl(PR_SET_PDEATHSIG
, SIGTERM
) == 0);
4024 pids
= hashmap_new(NULL
);
4028 seen
= set_new(&string_hash_ops
);
4032 STRV_FOREACH(directory
, directories
) {
4033 _cleanup_closedir_
DIR *d
;
4036 d
= opendir(*directory
);
4038 if (errno
== ENOENT
)
4041 return log_error_errno(errno
, "Failed to open directory %s: %m", *directory
);
4044 FOREACH_DIRENT(de
, d
, break) {
4045 _cleanup_free_
char *path
= NULL
;
4049 if (!dirent_is_file(de
))
4052 if (set_contains(seen
, de
->d_name
)) {
4053 log_debug("%1$s/%2$s skipped (%2$s was already seen).", *directory
, de
->d_name
);
4057 r
= set_put_strdup(seen
, de
->d_name
);
4061 path
= strjoin(*directory
, "/", de
->d_name
, NULL
);
4065 if (null_or_empty_path(path
)) {
4066 log_debug("%s is empty (a mask).", path
);
4072 log_error_errno(errno
, "Failed to fork: %m");
4074 } else if (pid
== 0) {
4077 assert_se(prctl(PR_SET_PDEATHSIG
, SIGTERM
) == 0);
4087 return log_error_errno(errno
, "Failed to execute %s: %m", path
);
4090 log_debug("Spawned %s as " PID_FMT
".", path
, pid
);
4092 r
= hashmap_put(pids
, UINT_TO_PTR(pid
), path
);
4099 /* Abort execution of this process after the timout. We simply
4100 * rely on SIGALRM as default action terminating the process,
4101 * and turn on alarm(). */
4103 if (timeout
!= USEC_INFINITY
)
4104 alarm((timeout
+ USEC_PER_SEC
- 1) / USEC_PER_SEC
);
4106 while (!hashmap_isempty(pids
)) {
4107 _cleanup_free_
char *path
= NULL
;
4110 pid
= PTR_TO_UINT(hashmap_first_key(pids
));
4113 path
= hashmap_remove(pids
, UINT_TO_PTR(pid
));
4116 wait_for_terminate_and_warn(path
, pid
, true);
4122 void execute_directories(const char* const* directories
, usec_t timeout
, char *argv
[]) {
4126 char **dirs
= (char**) directories
;
4128 assert(!strv_isempty(dirs
));
4130 name
= basename(dirs
[0]);
4131 assert(!isempty(name
));
4133 /* Executes all binaries in the directories in parallel and waits
4134 * for them to finish. Optionally a timeout is applied. If a file
4135 * with the same name exists in more than one directory, the
4136 * earliest one wins. */
4138 executor_pid
= fork();
4139 if (executor_pid
< 0) {
4140 log_error_errno(errno
, "Failed to fork: %m");
4143 } else if (executor_pid
== 0) {
4144 r
= do_execute(dirs
, timeout
, argv
);
4145 _exit(r
< 0 ? EXIT_FAILURE
: EXIT_SUCCESS
);
4148 wait_for_terminate_and_warn(name
, executor_pid
, true);
4151 int kill_and_sigcont(pid_t pid
, int sig
) {
4154 r
= kill(pid
, sig
) < 0 ? -errno
: 0;
4162 bool nulstr_contains(const char*nulstr
, const char *needle
) {
4168 NULSTR_FOREACH(i
, nulstr
)
4169 if (streq(i
, needle
))
4175 bool plymouth_running(void) {
4176 return access("/run/plymouth/pid", F_OK
) >= 0;
4179 char* strshorten(char *s
, size_t l
) {
4188 static bool hostname_valid_char(char c
) {
4190 (c
>= 'a' && c
<= 'z') ||
4191 (c
>= 'A' && c
<= 'Z') ||
4192 (c
>= '0' && c
<= '9') ||
4198 bool hostname_is_valid(const char *s
) {
4205 /* Doesn't accept empty hostnames, hostnames with trailing or
4206 * leading dots, and hostnames with multiple dots in a
4207 * sequence. Also ensures that the length stays below
4210 for (p
= s
, dot
= true; *p
; p
++) {
4217 if (!hostname_valid_char(*p
))
4227 if (p
-s
> HOST_NAME_MAX
)
4233 char* hostname_cleanup(char *s
, bool lowercase
) {
4237 for (p
= s
, d
= s
, dot
= true; *p
; p
++) {
4244 } else if (hostname_valid_char(*p
)) {
4245 *(d
++) = lowercase
? tolower(*p
) : *p
;
4256 strshorten(s
, HOST_NAME_MAX
);
4261 bool machine_name_is_valid(const char *s
) {
4263 if (!hostname_is_valid(s
))
4266 /* Machine names should be useful hostnames, but also be
4267 * useful in unit names, hence we enforce a stricter length
4276 int pipe_eof(int fd
) {
4277 struct pollfd pollfd
= {
4279 .events
= POLLIN
|POLLHUP
,
4284 r
= poll(&pollfd
, 1, 0);
4291 return pollfd
.revents
& POLLHUP
;
4294 int fd_wait_for_event(int fd
, int event
, usec_t t
) {
4296 struct pollfd pollfd
= {
4304 r
= ppoll(&pollfd
, 1, t
== USEC_INFINITY
? NULL
: timespec_store(&ts
, t
), NULL
);
4311 return pollfd
.revents
;
4314 int fopen_temporary(const char *path
, FILE **_f
, char **_temp_path
) {
4323 r
= tempfn_xxxxxx(path
, &t
);
4327 fd
= mkostemp_safe(t
, O_WRONLY
|O_CLOEXEC
);
4333 f
= fdopen(fd
, "we");
4346 int terminal_vhangup_fd(int fd
) {
4349 if (ioctl(fd
, TIOCVHANGUP
) < 0)
4355 int terminal_vhangup(const char *name
) {
4356 _cleanup_close_
int fd
;
4358 fd
= open_terminal(name
, O_RDWR
|O_NOCTTY
|O_CLOEXEC
);
4362 return terminal_vhangup_fd(fd
);
4365 int vt_disallocate(const char *name
) {
4369 /* Deallocate the VT if possible. If not possible
4370 * (i.e. because it is the active one), at least clear it
4371 * entirely (including the scrollback buffer) */
4373 if (!startswith(name
, "/dev/"))
4376 if (!tty_is_vc(name
)) {
4377 /* So this is not a VT. I guess we cannot deallocate
4378 * it then. But let's at least clear the screen */
4380 fd
= open_terminal(name
, O_RDWR
|O_NOCTTY
|O_CLOEXEC
);
4385 "\033[r" /* clear scrolling region */
4386 "\033[H" /* move home */
4387 "\033[2J", /* clear screen */
4394 if (!startswith(name
, "/dev/tty"))
4397 r
= safe_atou(name
+8, &u
);
4404 /* Try to deallocate */
4405 fd
= open_terminal("/dev/tty0", O_RDWR
|O_NOCTTY
|O_CLOEXEC
);
4409 r
= ioctl(fd
, VT_DISALLOCATE
, u
);
4418 /* Couldn't deallocate, so let's clear it fully with
4420 fd
= open_terminal(name
, O_RDWR
|O_NOCTTY
|O_CLOEXEC
);
4425 "\033[r" /* clear scrolling region */
4426 "\033[H" /* move home */
4427 "\033[3J", /* clear screen including scrollback, requires Linux 2.6.40 */
4434 int symlink_atomic(const char *from
, const char *to
) {
4435 _cleanup_free_
char *t
= NULL
;
4441 r
= tempfn_random(to
, &t
);
4445 if (symlink(from
, t
) < 0)
4448 if (rename(t
, to
) < 0) {
4456 int mknod_atomic(const char *path
, mode_t mode
, dev_t dev
) {
4457 _cleanup_free_
char *t
= NULL
;
4462 r
= tempfn_random(path
, &t
);
4466 if (mknod(t
, mode
, dev
) < 0)
4469 if (rename(t
, path
) < 0) {
4477 int mkfifo_atomic(const char *path
, mode_t mode
) {
4478 _cleanup_free_
char *t
= NULL
;
4483 r
= tempfn_random(path
, &t
);
4487 if (mkfifo(t
, mode
) < 0)
4490 if (rename(t
, path
) < 0) {
4498 bool display_is_local(const char *display
) {
4502 display
[0] == ':' &&
4503 display
[1] >= '0' &&
4507 int socket_from_display(const char *display
, char **path
) {
4514 if (!display_is_local(display
))
4517 k
= strspn(display
+1, "0123456789");
4519 f
= new(char, strlen("/tmp/.X11-unix/X") + k
+ 1);
4523 c
= stpcpy(f
, "/tmp/.X11-unix/X");
4524 memcpy(c
, display
+1, k
);
4533 const char **username
,
4534 uid_t
*uid
, gid_t
*gid
,
4536 const char **shell
) {
4544 /* We enforce some special rules for uid=0: in order to avoid
4545 * NSS lookups for root we hardcode its data. */
4547 if (streq(*username
, "root") || streq(*username
, "0")) {
4565 if (parse_uid(*username
, &u
) >= 0) {
4569 /* If there are multiple users with the same id, make
4570 * sure to leave $USER to the configured value instead
4571 * of the first occurrence in the database. However if
4572 * the uid was configured by a numeric uid, then let's
4573 * pick the real username from /etc/passwd. */
4575 *username
= p
->pw_name
;
4578 p
= getpwnam(*username
);
4582 return errno
> 0 ? -errno
: -ESRCH
;
4594 *shell
= p
->pw_shell
;
4599 char* uid_to_name(uid_t uid
) {
4604 return strdup("root");
4608 return strdup(p
->pw_name
);
4610 if (asprintf(&r
, UID_FMT
, uid
) < 0)
4616 char* gid_to_name(gid_t gid
) {
4621 return strdup("root");
4625 return strdup(p
->gr_name
);
4627 if (asprintf(&r
, GID_FMT
, gid
) < 0)
4633 int get_group_creds(const char **groupname
, gid_t
*gid
) {
4639 /* We enforce some special rules for gid=0: in order to avoid
4640 * NSS lookups for root we hardcode its data. */
4642 if (streq(*groupname
, "root") || streq(*groupname
, "0")) {
4643 *groupname
= "root";
4651 if (parse_gid(*groupname
, &id
) >= 0) {
4656 *groupname
= g
->gr_name
;
4659 g
= getgrnam(*groupname
);
4663 return errno
> 0 ? -errno
: -ESRCH
;
4671 int in_gid(gid_t gid
) {
4673 int ngroups_max
, r
, i
;
4675 if (getgid() == gid
)
4678 if (getegid() == gid
)
4681 ngroups_max
= sysconf(_SC_NGROUPS_MAX
);
4682 assert(ngroups_max
> 0);
4684 gids
= alloca(sizeof(gid_t
) * ngroups_max
);
4686 r
= getgroups(ngroups_max
, gids
);
4690 for (i
= 0; i
< r
; i
++)
4697 int in_group(const char *name
) {
4701 r
= get_group_creds(&name
, &gid
);
4708 int glob_exists(const char *path
) {
4709 _cleanup_globfree_ glob_t g
= {};
4715 k
= glob(path
, GLOB_NOSORT
|GLOB_BRACE
, NULL
, &g
);
4717 if (k
== GLOB_NOMATCH
)
4719 else if (k
== GLOB_NOSPACE
)
4722 return !strv_isempty(g
.gl_pathv
);
4724 return errno
? -errno
: -EIO
;
4727 int glob_extend(char ***strv
, const char *path
) {
4728 _cleanup_globfree_ glob_t g
= {};
4733 k
= glob(path
, GLOB_NOSORT
|GLOB_BRACE
, NULL
, &g
);
4735 if (k
== GLOB_NOMATCH
)
4737 else if (k
== GLOB_NOSPACE
)
4739 else if (k
!= 0 || strv_isempty(g
.gl_pathv
))
4740 return errno
? -errno
: -EIO
;
4742 STRV_FOREACH(p
, g
.gl_pathv
) {
4743 k
= strv_extend(strv
, *p
);
4751 int dirent_ensure_type(DIR *d
, struct dirent
*de
) {
4757 if (de
->d_type
!= DT_UNKNOWN
)
4760 if (fstatat(dirfd(d
), de
->d_name
, &st
, AT_SYMLINK_NOFOLLOW
) < 0)
4764 S_ISREG(st
.st_mode
) ? DT_REG
:
4765 S_ISDIR(st
.st_mode
) ? DT_DIR
:
4766 S_ISLNK(st
.st_mode
) ? DT_LNK
:
4767 S_ISFIFO(st
.st_mode
) ? DT_FIFO
:
4768 S_ISSOCK(st
.st_mode
) ? DT_SOCK
:
4769 S_ISCHR(st
.st_mode
) ? DT_CHR
:
4770 S_ISBLK(st
.st_mode
) ? DT_BLK
:
4776 int get_files_in_directory(const char *path
, char ***list
) {
4777 _cleanup_closedir_
DIR *d
= NULL
;
4778 size_t bufsize
= 0, n
= 0;
4779 _cleanup_strv_free_
char **l
= NULL
;
4783 /* Returns all files in a directory in *list, and the number
4784 * of files as return value. If list is NULL returns only the
4796 if (!de
&& errno
!= 0)
4801 dirent_ensure_type(d
, de
);
4803 if (!dirent_is_file(de
))
4807 /* one extra slot is needed for the terminating NULL */
4808 if (!GREEDY_REALLOC(l
, bufsize
, n
+ 2))
4811 l
[n
] = strdup(de
->d_name
);
4822 l
= NULL
; /* avoid freeing */
4828 char *strjoin(const char *x
, ...) {
4842 t
= va_arg(ap
, const char *);
4847 if (n
> ((size_t) -1) - l
) {
4871 t
= va_arg(ap
, const char *);
4885 bool is_main_thread(void) {
4886 static thread_local
int cached
= 0;
4888 if (_unlikely_(cached
== 0))
4889 cached
= getpid() == gettid() ? 1 : -1;
4894 int block_get_whole_disk(dev_t d
, dev_t
*ret
) {
4901 /* If it has a queue this is good enough for us */
4902 if (asprintf(&p
, "/sys/dev/block/%u:%u/queue", major(d
), minor(d
)) < 0)
4905 r
= access(p
, F_OK
);
4913 /* If it is a partition find the originating device */
4914 if (asprintf(&p
, "/sys/dev/block/%u:%u/partition", major(d
), minor(d
)) < 0)
4917 r
= access(p
, F_OK
);
4923 /* Get parent dev_t */
4924 if (asprintf(&p
, "/sys/dev/block/%u:%u/../dev", major(d
), minor(d
)) < 0)
4927 r
= read_one_line_file(p
, &s
);
4933 r
= sscanf(s
, "%u:%u", &m
, &n
);
4939 /* Only return this if it is really good enough for us. */
4940 if (asprintf(&p
, "/sys/dev/block/%u:%u/queue", m
, n
) < 0)
4943 r
= access(p
, F_OK
);
4947 *ret
= makedev(m
, n
);
4954 static const char *const ioprio_class_table
[] = {
4955 [IOPRIO_CLASS_NONE
] = "none",
4956 [IOPRIO_CLASS_RT
] = "realtime",
4957 [IOPRIO_CLASS_BE
] = "best-effort",
4958 [IOPRIO_CLASS_IDLE
] = "idle"
4961 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ioprio_class
, int, INT_MAX
);
4963 static const char *const sigchld_code_table
[] = {
4964 [CLD_EXITED
] = "exited",
4965 [CLD_KILLED
] = "killed",
4966 [CLD_DUMPED
] = "dumped",
4967 [CLD_TRAPPED
] = "trapped",
4968 [CLD_STOPPED
] = "stopped",
4969 [CLD_CONTINUED
] = "continued",
4972 DEFINE_STRING_TABLE_LOOKUP(sigchld_code
, int);
4974 static const char *const log_facility_unshifted_table
[LOG_NFACILITIES
] = {
4975 [LOG_FAC(LOG_KERN
)] = "kern",
4976 [LOG_FAC(LOG_USER
)] = "user",
4977 [LOG_FAC(LOG_MAIL
)] = "mail",
4978 [LOG_FAC(LOG_DAEMON
)] = "daemon",
4979 [LOG_FAC(LOG_AUTH
)] = "auth",
4980 [LOG_FAC(LOG_SYSLOG
)] = "syslog",
4981 [LOG_FAC(LOG_LPR
)] = "lpr",
4982 [LOG_FAC(LOG_NEWS
)] = "news",
4983 [LOG_FAC(LOG_UUCP
)] = "uucp",
4984 [LOG_FAC(LOG_CRON
)] = "cron",
4985 [LOG_FAC(LOG_AUTHPRIV
)] = "authpriv",
4986 [LOG_FAC(LOG_FTP
)] = "ftp",
4987 [LOG_FAC(LOG_LOCAL0
)] = "local0",
4988 [LOG_FAC(LOG_LOCAL1
)] = "local1",
4989 [LOG_FAC(LOG_LOCAL2
)] = "local2",
4990 [LOG_FAC(LOG_LOCAL3
)] = "local3",
4991 [LOG_FAC(LOG_LOCAL4
)] = "local4",
4992 [LOG_FAC(LOG_LOCAL5
)] = "local5",
4993 [LOG_FAC(LOG_LOCAL6
)] = "local6",
4994 [LOG_FAC(LOG_LOCAL7
)] = "local7"
4997 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(log_facility_unshifted
, int, LOG_FAC(~0));
4999 static const char *const log_level_table
[] = {
5000 [LOG_EMERG
] = "emerg",
5001 [LOG_ALERT
] = "alert",
5002 [LOG_CRIT
] = "crit",
5004 [LOG_WARNING
] = "warning",
5005 [LOG_NOTICE
] = "notice",
5006 [LOG_INFO
] = "info",
5007 [LOG_DEBUG
] = "debug"
5010 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(log_level
, int, LOG_DEBUG
);
5012 static const char* const sched_policy_table
[] = {
5013 [SCHED_OTHER
] = "other",
5014 [SCHED_BATCH
] = "batch",
5015 [SCHED_IDLE
] = "idle",
5016 [SCHED_FIFO
] = "fifo",
5020 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(sched_policy
, int, INT_MAX
);
5022 static const char* const rlimit_table
[_RLIMIT_MAX
] = {
5023 [RLIMIT_CPU
] = "LimitCPU",
5024 [RLIMIT_FSIZE
] = "LimitFSIZE",
5025 [RLIMIT_DATA
] = "LimitDATA",
5026 [RLIMIT_STACK
] = "LimitSTACK",
5027 [RLIMIT_CORE
] = "LimitCORE",
5028 [RLIMIT_RSS
] = "LimitRSS",
5029 [RLIMIT_NOFILE
] = "LimitNOFILE",
5030 [RLIMIT_AS
] = "LimitAS",
5031 [RLIMIT_NPROC
] = "LimitNPROC",
5032 [RLIMIT_MEMLOCK
] = "LimitMEMLOCK",
5033 [RLIMIT_LOCKS
] = "LimitLOCKS",
5034 [RLIMIT_SIGPENDING
] = "LimitSIGPENDING",
5035 [RLIMIT_MSGQUEUE
] = "LimitMSGQUEUE",
5036 [RLIMIT_NICE
] = "LimitNICE",
5037 [RLIMIT_RTPRIO
] = "LimitRTPRIO",
5038 [RLIMIT_RTTIME
] = "LimitRTTIME"
5041 DEFINE_STRING_TABLE_LOOKUP(rlimit
, int);
5043 static const char* const ip_tos_table
[] = {
5044 [IPTOS_LOWDELAY
] = "low-delay",
5045 [IPTOS_THROUGHPUT
] = "throughput",
5046 [IPTOS_RELIABILITY
] = "reliability",
5047 [IPTOS_LOWCOST
] = "low-cost",
5050 DEFINE_STRING_TABLE_LOOKUP_WITH_FALLBACK(ip_tos
, int, 0xff);
5052 static const char *const __signal_table
[] = {
5069 [SIGSTKFLT
] = "STKFLT", /* Linux on SPARC doesn't know SIGSTKFLT */
5080 [SIGVTALRM
] = "VTALRM",
5082 [SIGWINCH
] = "WINCH",
5088 DEFINE_PRIVATE_STRING_TABLE_LOOKUP(__signal
, int);
5090 const char *signal_to_string(int signo
) {
5091 static thread_local
char buf
[sizeof("RTMIN+")-1 + DECIMAL_STR_MAX(int) + 1];
5094 name
= __signal_to_string(signo
);
5098 if (signo
>= SIGRTMIN
&& signo
<= SIGRTMAX
)
5099 snprintf(buf
, sizeof(buf
), "RTMIN+%d", signo
- SIGRTMIN
);
5101 snprintf(buf
, sizeof(buf
), "%d", signo
);
5106 int signal_from_string(const char *s
) {
5111 signo
= __signal_from_string(s
);
5115 if (startswith(s
, "RTMIN+")) {
5119 if (safe_atou(s
, &u
) >= 0) {
5120 signo
= (int) u
+ offset
;
5121 if (signo
> 0 && signo
< _NSIG
)
5127 bool kexec_loaded(void) {
5128 bool loaded
= false;
5131 if (read_one_line_file("/sys/kernel/kexec_loaded", &s
) >= 0) {
5139 int prot_from_flags(int flags
) {
5141 switch (flags
& O_ACCMODE
) {
5150 return PROT_READ
|PROT_WRITE
;
5157 char *format_bytes(char *buf
, size_t l
, off_t t
) {
5160 static const struct {
5164 { "E", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
5165 { "P", 1024ULL*1024ULL*1024ULL*1024ULL*1024ULL },
5166 { "T", 1024ULL*1024ULL*1024ULL*1024ULL },
5167 { "G", 1024ULL*1024ULL*1024ULL },
5168 { "M", 1024ULL*1024ULL },
5172 if (t
== (off_t
) -1)
5175 for (i
= 0; i
< ELEMENTSOF(table
); i
++) {
5177 if (t
>= table
[i
].factor
) {
5180 (unsigned long long) (t
/ table
[i
].factor
),
5181 (unsigned long long) (((t
*10ULL) / table
[i
].factor
) % 10ULL),
5188 snprintf(buf
, l
, "%lluB", (unsigned long long) t
);
5196 void* memdup(const void *p
, size_t l
) {
5209 int fd_inc_sndbuf(int fd
, size_t n
) {
5211 socklen_t l
= sizeof(value
);
5213 r
= getsockopt(fd
, SOL_SOCKET
, SO_SNDBUF
, &value
, &l
);
5214 if (r
>= 0 && l
== sizeof(value
) && (size_t) value
>= n
*2)
5217 /* If we have the privileges we will ignore the kernel limit. */
5220 if (setsockopt(fd
, SOL_SOCKET
, SO_SNDBUFFORCE
, &value
, sizeof(value
)) < 0)
5221 if (setsockopt(fd
, SOL_SOCKET
, SO_SNDBUF
, &value
, sizeof(value
)) < 0)
5227 int fd_inc_rcvbuf(int fd
, size_t n
) {
5229 socklen_t l
= sizeof(value
);
5231 r
= getsockopt(fd
, SOL_SOCKET
, SO_RCVBUF
, &value
, &l
);
5232 if (r
>= 0 && l
== sizeof(value
) && (size_t) value
>= n
*2)
5235 /* If we have the privileges we will ignore the kernel limit. */
5238 if (setsockopt(fd
, SOL_SOCKET
, SO_RCVBUFFORCE
, &value
, sizeof(value
)) < 0)
5239 if (setsockopt(fd
, SOL_SOCKET
, SO_RCVBUF
, &value
, sizeof(value
)) < 0)
5244 int fork_agent(pid_t
*pid
, const int except
[], unsigned n_except
, const char *path
, ...) {
5245 bool stdout_is_tty
, stderr_is_tty
;
5246 pid_t parent_pid
, agent_pid
;
5247 sigset_t ss
, saved_ss
;
5255 /* Spawns a temporary TTY agent, making sure it goes away when
5258 parent_pid
= getpid();
5260 /* First we temporarily block all signals, so that the new
5261 * child has them blocked initially. This way, we can be sure
5262 * that SIGTERMs are not lost we might send to the agent. */
5263 assert_se(sigfillset(&ss
) >= 0);
5264 assert_se(sigprocmask(SIG_SETMASK
, &ss
, &saved_ss
) >= 0);
5267 if (agent_pid
< 0) {
5268 assert_se(sigprocmask(SIG_SETMASK
, &saved_ss
, NULL
) >= 0);
5272 if (agent_pid
!= 0) {
5273 assert_se(sigprocmask(SIG_SETMASK
, &saved_ss
, NULL
) >= 0);
5280 * Make sure the agent goes away when the parent dies */
5281 if (prctl(PR_SET_PDEATHSIG
, SIGTERM
) < 0)
5282 _exit(EXIT_FAILURE
);
5284 /* Make sure we actually can kill the agent, if we need to, in
5285 * case somebody invoked us from a shell script that trapped
5286 * SIGTERM or so... */
5287 reset_all_signal_handlers();
5288 reset_signal_mask();
5290 /* Check whether our parent died before we were able
5291 * to set the death signal and unblock the signals */
5292 if (getppid() != parent_pid
)
5293 _exit(EXIT_SUCCESS
);
5295 /* Don't leak fds to the agent */
5296 close_all_fds(except
, n_except
);
5298 stdout_is_tty
= isatty(STDOUT_FILENO
);
5299 stderr_is_tty
= isatty(STDERR_FILENO
);
5301 if (!stdout_is_tty
|| !stderr_is_tty
) {
5304 /* Detach from stdout/stderr. and reopen
5305 * /dev/tty for them. This is important to
5306 * ensure that when systemctl is started via
5307 * popen() or a similar call that expects to
5308 * read EOF we actually do generate EOF and
5309 * not delay this indefinitely by because we
5310 * keep an unused copy of stdin around. */
5311 fd
= open("/dev/tty", O_WRONLY
);
5313 log_error_errno(errno
, "Failed to open /dev/tty: %m");
5314 _exit(EXIT_FAILURE
);
5318 dup2(fd
, STDOUT_FILENO
);
5321 dup2(fd
, STDERR_FILENO
);
5327 /* Count arguments */
5329 for (n
= 0; va_arg(ap
, char*); n
++)
5334 l
= alloca(sizeof(char *) * (n
+ 1));
5336 /* Fill in arguments */
5338 for (i
= 0; i
<= n
; i
++)
5339 l
[i
] = va_arg(ap
, char*);
5343 _exit(EXIT_FAILURE
);
5346 int setrlimit_closest(int resource
, const struct rlimit
*rlim
) {
5347 struct rlimit highest
, fixed
;
5351 if (setrlimit(resource
, rlim
) >= 0)
5357 /* So we failed to set the desired setrlimit, then let's try
5358 * to get as close as we can */
5359 assert_se(getrlimit(resource
, &highest
) == 0);
5361 fixed
.rlim_cur
= MIN(rlim
->rlim_cur
, highest
.rlim_max
);
5362 fixed
.rlim_max
= MIN(rlim
->rlim_max
, highest
.rlim_max
);
5364 if (setrlimit(resource
, &fixed
) < 0)
5370 int getenv_for_pid(pid_t pid
, const char *field
, char **_value
) {
5371 _cleanup_fclose_
FILE *f
= NULL
;
5382 path
= procfs_file_alloca(pid
, "environ");
5384 f
= fopen(path
, "re");
5392 char line
[LINE_MAX
];
5395 for (i
= 0; i
< sizeof(line
)-1; i
++) {
5399 if (_unlikely_(c
== EOF
)) {
5409 if (memcmp(line
, field
, l
) == 0 && line
[l
] == '=') {
5410 value
= strdup(line
+ l
+ 1);
5424 bool http_etag_is_valid(const char *etag
) {
5428 if (!endswith(etag
, "\""))
5431 if (!startswith(etag
, "\"") && !startswith(etag
, "W/\""))
5437 bool http_url_is_valid(const char *url
) {
5443 p
= startswith(url
, "http://");
5445 p
= startswith(url
, "https://");
5452 return ascii_is_valid(p
);
5455 bool documentation_url_is_valid(const char *url
) {
5461 if (http_url_is_valid(url
))
5464 p
= startswith(url
, "file:/");
5466 p
= startswith(url
, "info:");
5468 p
= startswith(url
, "man:");
5473 return ascii_is_valid(p
);
5476 bool in_initrd(void) {
5477 static int saved
= -1;
5483 /* We make two checks here:
5485 * 1. the flag file /etc/initrd-release must exist
5486 * 2. the root file system must be a memory file system
5488 * The second check is extra paranoia, since misdetecting an
5489 * initrd can have bad bad consequences due the initrd
5490 * emptying when transititioning to the main systemd.
5493 saved
= access("/etc/initrd-release", F_OK
) >= 0 &&
5494 statfs("/", &s
) >= 0 &&
5495 is_temporary_fs(&s
);
5500 void warn_melody(void) {
5501 _cleanup_close_
int fd
= -1;
5503 fd
= open("/dev/console", O_WRONLY
|O_CLOEXEC
|O_NOCTTY
);
5507 /* Yeah, this is synchronous. Kinda sucks. But well... */
5509 ioctl(fd
, KIOCSOUND
, (int)(1193180/440));
5510 usleep(125*USEC_PER_MSEC
);
5512 ioctl(fd
, KIOCSOUND
, (int)(1193180/220));
5513 usleep(125*USEC_PER_MSEC
);
5515 ioctl(fd
, KIOCSOUND
, (int)(1193180/220));
5516 usleep(125*USEC_PER_MSEC
);
5518 ioctl(fd
, KIOCSOUND
, 0);
5521 int make_console_stdio(void) {
5524 /* Make /dev/console the controlling terminal and stdin/stdout/stderr */
5526 fd
= acquire_terminal("/dev/console", false, true, true, USEC_INFINITY
);
5528 return log_error_errno(fd
, "Failed to acquire terminal: %m");
5532 return log_error_errno(r
, "Failed to duplicate terminal fd: %m");
5537 int get_home_dir(char **_h
) {
5545 /* Take the user specified one */
5546 e
= secure_getenv("HOME");
5547 if (e
&& path_is_absolute(e
)) {
5556 /* Hardcode home directory for root to avoid NSS */
5559 h
= strdup("/root");
5567 /* Check the database... */
5571 return errno
> 0 ? -errno
: -ESRCH
;
5573 if (!path_is_absolute(p
->pw_dir
))
5576 h
= strdup(p
->pw_dir
);
5584 int get_shell(char **_s
) {
5592 /* Take the user specified one */
5593 e
= getenv("SHELL");
5603 /* Hardcode home directory for root to avoid NSS */
5606 s
= strdup("/bin/sh");
5614 /* Check the database... */
5618 return errno
> 0 ? -errno
: -ESRCH
;
5620 if (!path_is_absolute(p
->pw_shell
))
5623 s
= strdup(p
->pw_shell
);
5631 bool filename_is_valid(const char *p
) {
5645 if (strlen(p
) > FILENAME_MAX
)
5651 bool string_is_safe(const char *p
) {
5657 for (t
= p
; *t
; t
++) {
5658 if (*t
> 0 && *t
< ' ')
5661 if (strchr("\\\"\'\0x7f", *t
))
5669 * Check if a string contains control characters. If 'ok' is non-NULL
5670 * it may be a string containing additional CCs to be considered OK.
5672 bool string_has_cc(const char *p
, const char *ok
) {
5677 for (t
= p
; *t
; t
++) {
5678 if (ok
&& strchr(ok
, *t
))
5681 if (*t
> 0 && *t
< ' ')
5691 bool path_is_safe(const char *p
) {
5696 if (streq(p
, "..") || startswith(p
, "../") || endswith(p
, "/..") || strstr(p
, "/../"))
5699 if (strlen(p
) > PATH_MAX
)
5702 /* The following two checks are not really dangerous, but hey, they still are confusing */
5703 if (streq(p
, ".") || startswith(p
, "./") || endswith(p
, "/.") || strstr(p
, "/./"))
5706 if (strstr(p
, "//"))
5712 /* hey glibc, APIs with callbacks without a user pointer are so useless */
5713 void *xbsearch_r(const void *key
, const void *base
, size_t nmemb
, size_t size
,
5714 int (*compar
) (const void *, const void *, void *), void *arg
) {
5723 p
= (void *)(((const char *) base
) + (idx
* size
));
5724 comparison
= compar(key
, p
, arg
);
5727 else if (comparison
> 0)
5735 void init_gettext(void) {
5736 setlocale(LC_ALL
, "");
5737 textdomain(GETTEXT_PACKAGE
);
5740 bool is_locale_utf8(void) {
5742 static int cached_answer
= -1;
5744 if (cached_answer
>= 0)
5747 if (!setlocale(LC_ALL
, "")) {
5748 cached_answer
= true;
5752 set
= nl_langinfo(CODESET
);
5754 cached_answer
= true;
5758 if (streq(set
, "UTF-8")) {
5759 cached_answer
= true;
5763 /* For LC_CTYPE=="C" return true, because CTYPE is effectly
5764 * unset and everything can do to UTF-8 nowadays. */
5765 set
= setlocale(LC_CTYPE
, NULL
);
5767 cached_answer
= true;
5771 /* Check result, but ignore the result if C was set
5775 !getenv("LC_ALL") &&
5776 !getenv("LC_CTYPE") &&
5780 return (bool) cached_answer
;
5783 const char *draw_special_char(DrawSpecialChar ch
) {
5784 static const char *draw_table
[2][_DRAW_SPECIAL_CHAR_MAX
] = {
5787 [DRAW_TREE_VERTICAL
] = "\342\224\202 ", /* │ */
5788 [DRAW_TREE_BRANCH
] = "\342\224\234\342\224\200", /* ├─ */
5789 [DRAW_TREE_RIGHT
] = "\342\224\224\342\224\200", /* └─ */
5790 [DRAW_TREE_SPACE
] = " ", /* */
5791 [DRAW_TRIANGULAR_BULLET
] = "\342\200\243", /* ‣ */
5792 [DRAW_BLACK_CIRCLE
] = "\342\227\217", /* ● */
5793 [DRAW_ARROW
] = "\342\206\222", /* → */
5794 [DRAW_DASH
] = "\342\200\223", /* – */
5797 /* ASCII fallback */ {
5798 [DRAW_TREE_VERTICAL
] = "| ",
5799 [DRAW_TREE_BRANCH
] = "|-",
5800 [DRAW_TREE_RIGHT
] = "`-",
5801 [DRAW_TREE_SPACE
] = " ",
5802 [DRAW_TRIANGULAR_BULLET
] = ">",
5803 [DRAW_BLACK_CIRCLE
] = "*",
5804 [DRAW_ARROW
] = "->",
5809 return draw_table
[!is_locale_utf8()][ch
];
5812 char *strreplace(const char *text
, const char *old_string
, const char *new_string
) {
5815 size_t l
, old_len
, new_len
;
5821 old_len
= strlen(old_string
);
5822 new_len
= strlen(new_string
);
5835 if (!startswith(f
, old_string
)) {
5841 nl
= l
- old_len
+ new_len
;
5842 a
= realloc(r
, nl
+ 1);
5850 t
= stpcpy(t
, new_string
);
5862 char *strip_tab_ansi(char **ibuf
, size_t *_isz
) {
5863 const char *i
, *begin
= NULL
;
5868 } state
= STATE_OTHER
;
5870 size_t osz
= 0, isz
;
5876 /* Strips ANSI color and replaces TABs by 8 spaces */
5878 isz
= _isz
? *_isz
: strlen(*ibuf
);
5880 f
= open_memstream(&obuf
, &osz
);
5884 for (i
= *ibuf
; i
< *ibuf
+ isz
+ 1; i
++) {
5889 if (i
>= *ibuf
+ isz
) /* EOT */
5891 else if (*i
== '\x1B')
5892 state
= STATE_ESCAPE
;
5893 else if (*i
== '\t')
5900 if (i
>= *ibuf
+ isz
) { /* EOT */
5903 } else if (*i
== '[') {
5904 state
= STATE_BRACKET
;
5909 state
= STATE_OTHER
;
5916 if (i
>= *ibuf
+ isz
|| /* EOT */
5917 (!(*i
>= '0' && *i
<= '9') && *i
!= ';' && *i
!= 'm')) {
5920 state
= STATE_OTHER
;
5922 } else if (*i
== 'm')
5923 state
= STATE_OTHER
;
5945 int on_ac_power(void) {
5946 bool found_offline
= false, found_online
= false;
5947 _cleanup_closedir_
DIR *d
= NULL
;
5949 d
= opendir("/sys/class/power_supply");
5951 return errno
== ENOENT
? true : -errno
;
5955 _cleanup_close_
int fd
= -1, device
= -1;
5961 if (!de
&& errno
!= 0)
5967 if (hidden_file(de
->d_name
))
5970 device
= openat(dirfd(d
), de
->d_name
, O_DIRECTORY
|O_RDONLY
|O_CLOEXEC
|O_NOCTTY
);
5972 if (errno
== ENOENT
|| errno
== ENOTDIR
)
5978 fd
= openat(device
, "type", O_RDONLY
|O_CLOEXEC
|O_NOCTTY
);
5980 if (errno
== ENOENT
)
5986 n
= read(fd
, contents
, sizeof(contents
));
5990 if (n
!= 6 || memcmp(contents
, "Mains\n", 6))
5994 fd
= openat(device
, "online", O_RDONLY
|O_CLOEXEC
|O_NOCTTY
);
5996 if (errno
== ENOENT
)
6002 n
= read(fd
, contents
, sizeof(contents
));
6006 if (n
!= 2 || contents
[1] != '\n')
6009 if (contents
[0] == '1') {
6010 found_online
= true;
6012 } else if (contents
[0] == '0')
6013 found_offline
= true;
6018 return found_online
|| !found_offline
;
6021 static int search_and_fopen_internal(const char *path
, const char *mode
, const char *root
, char **search
, FILE **_f
) {
6028 if (!path_strv_resolve_uniq(search
, root
))
6031 STRV_FOREACH(i
, search
) {
6032 _cleanup_free_
char *p
= NULL
;
6036 p
= strjoin(root
, *i
, "/", path
, NULL
);
6038 p
= strjoin(*i
, "/", path
, NULL
);
6048 if (errno
!= ENOENT
)
6055 int search_and_fopen(const char *path
, const char *mode
, const char *root
, const char **search
, FILE **_f
) {
6056 _cleanup_strv_free_
char **copy
= NULL
;
6062 if (path_is_absolute(path
)) {
6065 f
= fopen(path
, mode
);
6074 copy
= strv_copy((char**) search
);
6078 return search_and_fopen_internal(path
, mode
, root
, copy
, _f
);
6081 int search_and_fopen_nulstr(const char *path
, const char *mode
, const char *root
, const char *search
, FILE **_f
) {
6082 _cleanup_strv_free_
char **s
= NULL
;
6084 if (path_is_absolute(path
)) {
6087 f
= fopen(path
, mode
);
6096 s
= strv_split_nulstr(search
);
6100 return search_and_fopen_internal(path
, mode
, root
, s
, _f
);
6103 char *strextend(char **x
, ...) {
6110 l
= f
= *x
? strlen(*x
) : 0;
6117 t
= va_arg(ap
, const char *);
6122 if (n
> ((size_t) -1) - l
) {
6131 r
= realloc(*x
, l
+1);
6141 t
= va_arg(ap
, const char *);
6155 char *strrep(const char *s
, unsigned n
) {
6163 p
= r
= malloc(l
* n
+ 1);
6167 for (i
= 0; i
< n
; i
++)
6174 void* greedy_realloc(void **p
, size_t *allocated
, size_t need
, size_t size
) {
6181 if (*allocated
>= need
)
6184 newalloc
= MAX(need
* 2, 64u / size
);
6185 a
= newalloc
* size
;
6187 /* check for overflows */
6188 if (a
< size
* need
)
6196 *allocated
= newalloc
;
6200 void* greedy_realloc0(void **p
, size_t *allocated
, size_t need
, size_t size
) {
6209 q
= greedy_realloc(p
, allocated
, need
, size
);
6213 if (*allocated
> prev
)
6214 memzero(q
+ prev
* size
, (*allocated
- prev
) * size
);
6219 bool id128_is_valid(const char *s
) {
6225 /* Simple formatted 128bit hex string */
6227 for (i
= 0; i
< l
; i
++) {
6230 if (!(c
>= '0' && c
<= '9') &&
6231 !(c
>= 'a' && c
<= 'z') &&
6232 !(c
>= 'A' && c
<= 'Z'))
6236 } else if (l
== 36) {
6238 /* Formatted UUID */
6240 for (i
= 0; i
< l
; i
++) {
6243 if ((i
== 8 || i
== 13 || i
== 18 || i
== 23)) {
6247 if (!(c
>= '0' && c
<= '9') &&
6248 !(c
>= 'a' && c
<= 'z') &&
6249 !(c
>= 'A' && c
<= 'Z'))
6260 int split_pair(const char *s
, const char *sep
, char **l
, char **r
) {
6275 a
= strndup(s
, x
- s
);
6279 b
= strdup(x
+ strlen(sep
));
6291 int shall_restore_state(void) {
6292 _cleanup_free_
char *value
= NULL
;
6295 r
= get_proc_cmdline_key("systemd.restore_state=", &value
);
6301 return parse_boolean(value
) != 0;
6304 int proc_cmdline(char **ret
) {
6307 if (detect_container(NULL
) > 0)
6308 return get_process_cmdline(1, 0, false, ret
);
6310 return read_one_line_file("/proc/cmdline", ret
);
6313 int parse_proc_cmdline(int (*parse_item
)(const char *key
, const char *value
)) {
6314 _cleanup_free_
char *line
= NULL
;
6320 r
= proc_cmdline(&line
);
6326 _cleanup_free_
char *word
= NULL
;
6329 r
= unquote_first_word(&p
, &word
, UNQUOTE_RELAX
);
6335 /* Filter out arguments that are intended only for the
6337 if (!in_initrd() && startswith(word
, "rd."))
6340 value
= strchr(word
, '=');
6344 r
= parse_item(word
, value
);
6352 int get_proc_cmdline_key(const char *key
, char **value
) {
6353 _cleanup_free_
char *line
= NULL
, *ret
= NULL
;
6360 r
= proc_cmdline(&line
);
6366 _cleanup_free_
char *word
= NULL
;
6369 r
= unquote_first_word(&p
, &word
, UNQUOTE_RELAX
);
6375 /* Filter out arguments that are intended only for the
6377 if (!in_initrd() && startswith(word
, "rd."))
6381 e
= startswith(word
, key
);
6385 r
= free_and_strdup(&ret
, e
);
6391 if (streq(word
, key
))
6405 int container_get_leader(const char *machine
, pid_t
*pid
) {
6406 _cleanup_free_
char *s
= NULL
, *class = NULL
;
6414 p
= strjoina("/run/systemd/machines/", machine
);
6415 r
= parse_env_file(p
, NEWLINE
, "LEADER", &s
, "CLASS", &class, NULL
);
6423 if (!streq_ptr(class, "container"))
6426 r
= parse_pid(s
, &leader
);
6436 int namespace_open(pid_t pid
, int *pidns_fd
, int *mntns_fd
, int *netns_fd
, int *root_fd
) {
6437 _cleanup_close_
int pidnsfd
= -1, mntnsfd
= -1, netnsfd
= -1;
6445 mntns
= procfs_file_alloca(pid
, "ns/mnt");
6446 mntnsfd
= open(mntns
, O_RDONLY
|O_NOCTTY
|O_CLOEXEC
);
6454 pidns
= procfs_file_alloca(pid
, "ns/pid");
6455 pidnsfd
= open(pidns
, O_RDONLY
|O_NOCTTY
|O_CLOEXEC
);
6463 netns
= procfs_file_alloca(pid
, "ns/net");
6464 netnsfd
= open(netns
, O_RDONLY
|O_NOCTTY
|O_CLOEXEC
);
6472 root
= procfs_file_alloca(pid
, "root");
6473 rfd
= open(root
, O_RDONLY
|O_NOCTTY
|O_CLOEXEC
|O_DIRECTORY
);
6479 *pidns_fd
= pidnsfd
;
6482 *mntns_fd
= mntnsfd
;
6485 *netns_fd
= netnsfd
;
6490 pidnsfd
= mntnsfd
= netnsfd
= -1;
6495 int namespace_enter(int pidns_fd
, int mntns_fd
, int netns_fd
, int root_fd
) {
6498 if (setns(pidns_fd
, CLONE_NEWPID
) < 0)
6502 if (setns(mntns_fd
, CLONE_NEWNS
) < 0)
6506 if (setns(netns_fd
, CLONE_NEWNET
) < 0)
6510 if (fchdir(root_fd
) < 0)
6513 if (chroot(".") < 0)
6517 if (setresgid(0, 0, 0) < 0)
6520 if (setgroups(0, NULL
) < 0)
6523 if (setresuid(0, 0, 0) < 0)
6529 bool pid_is_unwaited(pid_t pid
) {
6530 /* Checks whether a PID is still valid at all, including a zombie */
6535 if (kill(pid
, 0) >= 0)
6538 return errno
!= ESRCH
;
6541 bool pid_is_alive(pid_t pid
) {
6544 /* Checks whether a PID is still valid and not a zombie */
6549 r
= get_process_state(pid
);
6550 if (r
== -ENOENT
|| r
== 'Z')
6556 int getpeercred(int fd
, struct ucred
*ucred
) {
6557 socklen_t n
= sizeof(struct ucred
);
6564 r
= getsockopt(fd
, SOL_SOCKET
, SO_PEERCRED
, &u
, &n
);
6568 if (n
!= sizeof(struct ucred
))
6571 /* Check if the data is actually useful and not suppressed due
6572 * to namespacing issues */
6575 if (u
.uid
== UID_INVALID
)
6577 if (u
.gid
== GID_INVALID
)
6584 int getpeersec(int fd
, char **ret
) {
6596 r
= getsockopt(fd
, SOL_SOCKET
, SO_PEERSEC
, s
, &n
);
6600 if (errno
!= ERANGE
)
6607 r
= getsockopt(fd
, SOL_SOCKET
, SO_PEERSEC
, s
, &n
);
6623 /* This is much like like mkostemp() but is subject to umask(). */
6624 int mkostemp_safe(char *pattern
, int flags
) {
6625 _cleanup_umask_ mode_t u
;
6632 fd
= mkostemp(pattern
, flags
);
6639 int open_tmpfile(const char *path
, int flags
) {
6646 /* Try O_TMPFILE first, if it is supported */
6647 fd
= open(path
, flags
|O_TMPFILE
, S_IRUSR
|S_IWUSR
);
6652 /* Fall back to unguessable name + unlinking */
6653 p
= strjoina(path
, "/systemd-tmp-XXXXXX");
6655 fd
= mkostemp_safe(p
, flags
);
6663 int fd_warn_permissions(const char *path
, int fd
) {
6666 if (fstat(fd
, &st
) < 0)
6669 if (st
.st_mode
& 0111)
6670 log_warning("Configuration file %s is marked executable. Please remove executable permission bits. Proceeding anyway.", path
);
6672 if (st
.st_mode
& 0002)
6673 log_warning("Configuration file %s is marked world-writable. Please remove world writability permission bits. Proceeding anyway.", path
);
6675 if (getpid() == 1 && (st
.st_mode
& 0044) != 0044)
6676 log_warning("Configuration file %s is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.", path
);
6681 unsigned long personality_from_string(const char *p
) {
6683 /* Parse a personality specifier. We introduce our own
6684 * identifiers that indicate specific ABIs, rather than just
6685 * hints regarding the register size, since we want to keep
6686 * things open for multiple locally supported ABIs for the
6687 * same register size. We try to reuse the ABI identifiers
6688 * used by libseccomp. */
6690 #if defined(__x86_64__)
6692 if (streq(p
, "x86"))
6695 if (streq(p
, "x86-64"))
6698 #elif defined(__i386__)
6700 if (streq(p
, "x86"))
6704 /* personality(7) documents that 0xffffffffUL is used for
6705 * querying the current personality, hence let's use that here
6706 * as error indicator. */
6707 return 0xffffffffUL
;
6710 const char* personality_to_string(unsigned long p
) {
6712 #if defined(__x86_64__)
6714 if (p
== PER_LINUX32
)
6720 #elif defined(__i386__)
6729 uint64_t physical_memory(void) {
6732 /* We return this as uint64_t in case we are running as 32bit
6733 * process on a 64bit kernel with huge amounts of memory */
6735 mem
= sysconf(_SC_PHYS_PAGES
);
6738 return (uint64_t) mem
* (uint64_t) page_size();
6741 void hexdump(FILE *f
, const void *p
, size_t s
) {
6742 const uint8_t *b
= p
;
6745 assert(s
== 0 || b
);
6750 fprintf(f
, "%04x ", n
);
6752 for (i
= 0; i
< 16; i
++) {
6757 fprintf(f
, "%02x ", b
[i
]);
6765 for (i
= 0; i
< 16; i
++) {
6770 fputc(isprint(b
[i
]) ? (char) b
[i
] : '.', f
);
6784 int update_reboot_param_file(const char *param
) {
6789 r
= write_string_file(REBOOT_PARAM_FILE
, param
);
6791 log_error("Failed to write reboot param to "
6792 REBOOT_PARAM_FILE
": %s", strerror(-r
));
6794 unlink(REBOOT_PARAM_FILE
);
6799 int umount_recursive(const char *prefix
, int flags
) {
6803 /* Try to umount everything recursively below a
6804 * directory. Also, take care of stacked mounts, and keep
6805 * unmounting them until they are gone. */
6808 _cleanup_fclose_
FILE *proc_self_mountinfo
= NULL
;
6813 proc_self_mountinfo
= fopen("/proc/self/mountinfo", "re");
6814 if (!proc_self_mountinfo
)
6818 _cleanup_free_
char *path
= NULL
, *p
= NULL
;
6821 k
= fscanf(proc_self_mountinfo
,
6822 "%*s " /* (1) mount id */
6823 "%*s " /* (2) parent id */
6824 "%*s " /* (3) major:minor */
6825 "%*s " /* (4) root */
6826 "%ms " /* (5) mount point */
6827 "%*s" /* (6) mount options */
6828 "%*[^-]" /* (7) optional fields */
6829 "- " /* (8) separator */
6830 "%*s " /* (9) file system type */
6831 "%*s" /* (10) mount source */
6832 "%*s" /* (11) mount options 2 */
6833 "%*[^\n]", /* some rubbish at the end */
6842 r
= cunescape(path
, UNESCAPE_RELAX
, &p
);
6846 if (!path_startswith(p
, prefix
))
6849 if (umount2(p
, flags
) < 0) {
6865 static int get_mount_flags(const char *path
, unsigned long *flags
) {
6868 if (statvfs(path
, &buf
) < 0)
6870 *flags
= buf
.f_flag
;
6874 int bind_remount_recursive(const char *prefix
, bool ro
) {
6875 _cleanup_set_free_free_ Set
*done
= NULL
;
6876 _cleanup_free_
char *cleaned
= NULL
;
6879 /* Recursively remount a directory (and all its submounts)
6880 * read-only or read-write. If the directory is already
6881 * mounted, we reuse the mount and simply mark it
6882 * MS_BIND|MS_RDONLY (or remove the MS_RDONLY for read-write
6883 * operation). If it isn't we first make it one. Afterwards we
6884 * apply MS_BIND|MS_RDONLY (or remove MS_RDONLY) to all
6885 * submounts we can access, too. When mounts are stacked on
6886 * the same mount point we only care for each individual
6887 * "top-level" mount on each point, as we cannot
6888 * influence/access the underlying mounts anyway. We do not
6889 * have any effect on future submounts that might get
6890 * propagated, they migt be writable. This includes future
6891 * submounts that have been triggered via autofs. */
6893 cleaned
= strdup(prefix
);
6897 path_kill_slashes(cleaned
);
6899 done
= set_new(&string_hash_ops
);
6904 _cleanup_fclose_
FILE *proc_self_mountinfo
= NULL
;
6905 _cleanup_set_free_free_ Set
*todo
= NULL
;
6906 bool top_autofs
= false;
6908 unsigned long orig_flags
;
6910 todo
= set_new(&string_hash_ops
);
6914 proc_self_mountinfo
= fopen("/proc/self/mountinfo", "re");
6915 if (!proc_self_mountinfo
)
6919 _cleanup_free_
char *path
= NULL
, *p
= NULL
, *type
= NULL
;
6922 k
= fscanf(proc_self_mountinfo
,
6923 "%*s " /* (1) mount id */
6924 "%*s " /* (2) parent id */
6925 "%*s " /* (3) major:minor */
6926 "%*s " /* (4) root */
6927 "%ms " /* (5) mount point */
6928 "%*s" /* (6) mount options (superblock) */
6929 "%*[^-]" /* (7) optional fields */
6930 "- " /* (8) separator */
6931 "%ms " /* (9) file system type */
6932 "%*s" /* (10) mount source */
6933 "%*s" /* (11) mount options (bind mount) */
6934 "%*[^\n]", /* some rubbish at the end */
6944 r
= cunescape(path
, UNESCAPE_RELAX
, &p
);
6948 /* Let's ignore autofs mounts. If they aren't
6949 * triggered yet, we want to avoid triggering
6950 * them, as we don't make any guarantees for
6951 * future submounts anyway. If they are
6952 * already triggered, then we will find
6953 * another entry for this. */
6954 if (streq(type
, "autofs")) {
6955 top_autofs
= top_autofs
|| path_equal(cleaned
, p
);
6959 if (path_startswith(p
, cleaned
) &&
6960 !set_contains(done
, p
)) {
6962 r
= set_consume(todo
, p
);
6972 /* If we have no submounts to process anymore and if
6973 * the root is either already done, or an autofs, we
6975 if (set_isempty(todo
) &&
6976 (top_autofs
|| set_contains(done
, cleaned
)))
6979 if (!set_contains(done
, cleaned
) &&
6980 !set_contains(todo
, cleaned
)) {
6981 /* The prefix directory itself is not yet a
6982 * mount, make it one. */
6983 if (mount(cleaned
, cleaned
, NULL
, MS_BIND
|MS_REC
, NULL
) < 0)
6987 (void) get_mount_flags(cleaned
, &orig_flags
);
6988 orig_flags
&= ~MS_RDONLY
;
6990 if (mount(NULL
, prefix
, NULL
, orig_flags
|MS_BIND
|MS_REMOUNT
|(ro
? MS_RDONLY
: 0), NULL
) < 0)
6993 x
= strdup(cleaned
);
6997 r
= set_consume(done
, x
);
7002 while ((x
= set_steal_first(todo
))) {
7004 r
= set_consume(done
, x
);
7010 /* Try to reuse the original flag set, but
7011 * don't care for errors, in case of
7012 * obstructed mounts */
7014 (void) get_mount_flags(x
, &orig_flags
);
7015 orig_flags
&= ~MS_RDONLY
;
7017 if (mount(NULL
, x
, NULL
, orig_flags
|MS_BIND
|MS_REMOUNT
|(ro
? MS_RDONLY
: 0), NULL
) < 0) {
7019 /* Deal with mount points that are
7020 * obstructed by a later mount */
7022 if (errno
!= ENOENT
)
7030 int fflush_and_check(FILE *f
) {
7037 return errno
? -errno
: -EIO
;
7042 int tempfn_xxxxxx(const char *p
, char **ret
) {
7054 * /foo/bar/.#waldoXXXXXX
7058 if (!filename_is_valid(fn
))
7061 t
= new(char, strlen(p
) + 2 + 6 + 1);
7065 strcpy(stpcpy(stpcpy(mempcpy(t
, p
, fn
- p
), ".#"), fn
), "XXXXXX");
7067 *ret
= path_kill_slashes(t
);
7071 int tempfn_random(const char *p
, char **ret
) {
7085 * /foo/bar/.#waldobaa2a261115984a9
7089 if (!filename_is_valid(fn
))
7092 t
= new(char, strlen(p
) + 2 + 16 + 1);
7096 x
= stpcpy(stpcpy(mempcpy(t
, p
, fn
- p
), ".#"), fn
);
7099 for (i
= 0; i
< 16; i
++) {
7100 *(x
++) = hexchar(u
& 0xF);
7106 *ret
= path_kill_slashes(t
);
7110 int tempfn_random_child(const char *p
, char **ret
) {
7121 * /foo/bar/waldo/.#3c2b6219aa75d7d0
7124 t
= new(char, strlen(p
) + 3 + 16 + 1);
7128 x
= stpcpy(stpcpy(t
, p
), "/.#");
7131 for (i
= 0; i
< 16; i
++) {
7132 *(x
++) = hexchar(u
& 0xF);
7138 *ret
= path_kill_slashes(t
);
7142 /* make sure the hostname is not "localhost" */
7143 bool is_localhost(const char *hostname
) {
7146 /* This tries to identify local host and domain names
7147 * described in RFC6761 plus the redhatism of .localdomain */
7149 return streq(hostname
, "localhost") ||
7150 streq(hostname
, "localhost.") ||
7151 streq(hostname
, "localdomain.") ||
7152 streq(hostname
, "localdomain") ||
7153 endswith(hostname
, ".localhost") ||
7154 endswith(hostname
, ".localhost.") ||
7155 endswith(hostname
, ".localdomain") ||
7156 endswith(hostname
, ".localdomain.");
7159 int take_password_lock(const char *root
) {
7161 struct flock flock
= {
7163 .l_whence
= SEEK_SET
,
7171 /* This is roughly the same as lckpwdf(), but not as awful. We
7172 * don't want to use alarm() and signals, hence we implement
7173 * our own trivial version of this.
7175 * Note that shadow-utils also takes per-database locks in
7176 * addition to lckpwdf(). However, we don't given that they
7177 * are redundant as they they invoke lckpwdf() first and keep
7178 * it during everything they do. The per-database locks are
7179 * awfully racy, and thus we just won't do them. */
7182 path
= strjoina(root
, "/etc/.pwd.lock");
7184 path
= "/etc/.pwd.lock";
7186 fd
= open(path
, O_WRONLY
|O_CREAT
|O_CLOEXEC
|O_NOCTTY
|O_NOFOLLOW
, 0600);
7190 r
= fcntl(fd
, F_SETLKW
, &flock
);
7199 int is_symlink(const char *path
) {
7202 if (lstat(path
, &info
) < 0)
7205 return !!S_ISLNK(info
.st_mode
);
7208 int is_dir(const char* path
, bool follow
) {
7213 r
= stat(path
, &st
);
7215 r
= lstat(path
, &st
);
7219 return !!S_ISDIR(st
.st_mode
);
7222 int unquote_first_word(const char **p
, char **ret
, UnquoteFlags flags
) {
7223 _cleanup_free_
char *s
= NULL
;
7224 size_t allocated
= 0, sz
= 0;
7232 SINGLE_QUOTE_ESCAPE
,
7234 DOUBLE_QUOTE_ESCAPE
,
7242 /* Parses the first word of a string, and returns it in
7243 * *ret. Removes all quotes in the process. When parsing fails
7244 * (because of an uneven number of quotes or similar), leaves
7245 * the pointer *p at the first invalid character. */
7255 else if (strchr(WHITESPACE
, c
))
7265 state
= SINGLE_QUOTE
;
7267 state
= VALUE_ESCAPE
;
7269 state
= DOUBLE_QUOTE
;
7270 else if (strchr(WHITESPACE
, c
))
7273 if (!GREEDY_REALLOC(s
, allocated
, sz
+2))
7283 if (flags
& UNQUOTE_RELAX
)
7288 if (!GREEDY_REALLOC(s
, allocated
, sz
+7))
7291 if (flags
& UNQUOTE_CUNESCAPE
) {
7294 r
= cunescape_one(*p
, (size_t) -1, &c
, &u
);
7301 s
[sz
++] = c
; /* normal explicit char */
7303 sz
+= utf8_encode_unichar(s
+ sz
, u
); /* unicode chars we'll encode as utf8 */
7312 if (flags
& UNQUOTE_RELAX
)
7315 } else if (c
== '\'')
7318 state
= SINGLE_QUOTE_ESCAPE
;
7320 if (!GREEDY_REALLOC(s
, allocated
, sz
+2))
7328 case SINGLE_QUOTE_ESCAPE
:
7330 if (flags
& UNQUOTE_RELAX
)
7335 if (!GREEDY_REALLOC(s
, allocated
, sz
+7))
7338 if (flags
& UNQUOTE_CUNESCAPE
) {
7341 r
= cunescape_one(*p
, (size_t) -1, &c
, &u
);
7350 sz
+= utf8_encode_unichar(s
+ sz
, u
);
7354 state
= SINGLE_QUOTE
;
7363 state
= DOUBLE_QUOTE_ESCAPE
;
7365 if (!GREEDY_REALLOC(s
, allocated
, sz
+2))
7373 case DOUBLE_QUOTE_ESCAPE
:
7375 if (flags
& UNQUOTE_RELAX
)
7380 if (!GREEDY_REALLOC(s
, allocated
, sz
+7))
7383 if (flags
& UNQUOTE_CUNESCAPE
) {
7386 r
= cunescape_one(*p
, (size_t) -1, &c
, &u
);
7395 sz
+= utf8_encode_unichar(s
+ sz
, u
);
7399 state
= DOUBLE_QUOTE
;
7405 if (!strchr(WHITESPACE
, c
))
7427 int unquote_many_words(const char **p
, UnquoteFlags flags
, ...) {
7432 /* Parses a number of words from a string, stripping any
7433 * quotes if necessary. */
7437 /* Count how many words are expected */
7438 va_start(ap
, flags
);
7440 if (!va_arg(ap
, char **))
7449 /* Read all words into a temporary array */
7450 l
= newa0(char*, n
);
7451 for (c
= 0; c
< n
; c
++) {
7453 r
= unquote_first_word(p
, &l
[c
], flags
);
7457 for (j
= 0; j
< c
; j
++)
7467 /* If we managed to parse all words, return them in the passed
7469 va_start(ap
, flags
);
7470 for (i
= 0; i
< n
; i
++) {
7473 v
= va_arg(ap
, char **);
7483 int free_and_strdup(char **p
, const char *s
) {
7488 /* Replaces a string pointer with an strdup()ed new string,
7489 * possibly freeing the old one. */
7504 int sethostname_idempotent(const char *s
) {
7506 char buf
[HOST_NAME_MAX
+ 1] = {};
7510 r
= gethostname(buf
, sizeof(buf
));
7517 r
= sethostname(s
, strlen(s
));
7524 int ptsname_malloc(int fd
, char **ret
) {
7537 if (ptsname_r(fd
, c
, l
) == 0) {
7541 if (errno
!= ERANGE
) {
7551 int openpt_in_namespace(pid_t pid
, int flags
) {
7552 _cleanup_close_
int pidnsfd
= -1, mntnsfd
= -1, rootfd
= -1;
7553 _cleanup_close_pair_
int pair
[2] = { -1, -1 };
7555 struct cmsghdr cmsghdr
;
7556 uint8_t buf
[CMSG_SPACE(sizeof(int))];
7558 struct msghdr mh
= {
7559 .msg_control
= &control
,
7560 .msg_controllen
= sizeof(control
),
7562 struct cmsghdr
*cmsg
;
7569 r
= namespace_open(pid
, &pidnsfd
, &mntnsfd
, NULL
, &rootfd
);
7573 if (socketpair(AF_UNIX
, SOCK_DGRAM
, 0, pair
) < 0)
7583 pair
[0] = safe_close(pair
[0]);
7585 r
= namespace_enter(pidnsfd
, mntnsfd
, -1, rootfd
);
7587 _exit(EXIT_FAILURE
);
7589 master
= posix_openpt(flags
);
7591 _exit(EXIT_FAILURE
);
7593 cmsg
= CMSG_FIRSTHDR(&mh
);
7594 cmsg
->cmsg_level
= SOL_SOCKET
;
7595 cmsg
->cmsg_type
= SCM_RIGHTS
;
7596 cmsg
->cmsg_len
= CMSG_LEN(sizeof(int));
7597 memcpy(CMSG_DATA(cmsg
), &master
, sizeof(int));
7599 mh
.msg_controllen
= cmsg
->cmsg_len
;
7601 if (sendmsg(pair
[1], &mh
, MSG_NOSIGNAL
) < 0)
7602 _exit(EXIT_FAILURE
);
7604 _exit(EXIT_SUCCESS
);
7607 pair
[1] = safe_close(pair
[1]);
7609 r
= wait_for_terminate(child
, &si
);
7612 if (si
.si_code
!= CLD_EXITED
|| si
.si_status
!= EXIT_SUCCESS
)
7615 if (recvmsg(pair
[0], &mh
, MSG_NOSIGNAL
|MSG_CMSG_CLOEXEC
) < 0)
7618 for (cmsg
= CMSG_FIRSTHDR(&mh
); cmsg
; cmsg
= CMSG_NXTHDR(&mh
, cmsg
))
7619 if (cmsg
->cmsg_level
== SOL_SOCKET
&& cmsg
->cmsg_type
== SCM_RIGHTS
) {
7623 fds
= (int*) CMSG_DATA(cmsg
);
7624 n_fds
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
7627 close_many(fds
, n_fds
);
7637 ssize_t
fgetxattrat_fake(int dirfd
, const char *filename
, const char *attribute
, void *value
, size_t size
, int flags
) {
7638 _cleanup_close_
int fd
= -1;
7641 /* The kernel doesn't have a fgetxattrat() command, hence let's emulate one */
7643 fd
= openat(dirfd
, filename
, O_RDONLY
|O_CLOEXEC
|O_NOCTTY
|O_NOATIME
|(flags
& AT_SYMLINK_NOFOLLOW
? O_NOFOLLOW
: 0));
7647 l
= fgetxattr(fd
, attribute
, value
, size
);
7654 static int parse_crtime(le64_t le
, usec_t
*usec
) {
7660 if (u
== 0 || u
== (uint64_t) -1)
7667 int fd_getcrtime(int fd
, usec_t
*usec
) {
7674 /* Until Linux gets a real concept of birthtime/creation time,
7675 * let's fake one with xattrs */
7677 n
= fgetxattr(fd
, "user.crtime_usec", &le
, sizeof(le
));
7680 if (n
!= sizeof(le
))
7683 return parse_crtime(le
, usec
);
7686 int fd_getcrtime_at(int dirfd
, const char *name
, usec_t
*usec
, int flags
) {
7690 n
= fgetxattrat_fake(dirfd
, name
, "user.crtime_usec", &le
, sizeof(le
), flags
);
7693 if (n
!= sizeof(le
))
7696 return parse_crtime(le
, usec
);
7699 int path_getcrtime(const char *p
, usec_t
*usec
) {
7706 n
= getxattr(p
, "user.crtime_usec", &le
, sizeof(le
));
7709 if (n
!= sizeof(le
))
7712 return parse_crtime(le
, usec
);
7715 int fd_setcrtime(int fd
, usec_t usec
) {
7721 usec
= now(CLOCK_REALTIME
);
7723 le
= htole64((uint64_t) usec
);
7724 if (fsetxattr(fd
, "user.crtime_usec", &le
, sizeof(le
), 0) < 0)
7730 int same_fd(int a
, int b
) {
7731 struct stat sta
, stb
;
7738 /* Compares two file descriptors. Note that semantics are
7739 * quite different depending on whether we have kcmp() or we
7740 * don't. If we have kcmp() this will only return true for
7741 * dup()ed file descriptors, but not otherwise. If we don't
7742 * have kcmp() this will also return true for two fds of the same
7743 * file, created by separate open() calls. Since we use this
7744 * call mostly for filtering out duplicates in the fd store
7745 * this difference hopefully doesn't matter too much. */
7750 /* Try to use kcmp() if we have it. */
7752 r
= kcmp(pid
, pid
, KCMP_FILE
, a
, b
);
7757 if (errno
!= ENOSYS
)
7760 /* We don't have kcmp(), use fstat() instead. */
7761 if (fstat(a
, &sta
) < 0)
7764 if (fstat(b
, &stb
) < 0)
7767 if ((sta
.st_mode
& S_IFMT
) != (stb
.st_mode
& S_IFMT
))
7770 /* We consider all device fds different, since two device fds
7771 * might refer to quite different device contexts even though
7772 * they share the same inode and backing dev_t. */
7774 if (S_ISCHR(sta
.st_mode
) || S_ISBLK(sta
.st_mode
))
7777 if (sta
.st_dev
!= stb
.st_dev
|| sta
.st_ino
!= stb
.st_ino
)
7780 /* The fds refer to the same inode on disk, let's also check
7781 * if they have the same fd flags. This is useful to
7782 * distuingish the read and write side of a pipe created with
7784 fa
= fcntl(a
, F_GETFL
);
7788 fb
= fcntl(b
, F_GETFL
);
7795 int chattr_fd(int fd
, unsigned value
, unsigned mask
) {
7796 unsigned old_attr
, new_attr
;
7803 if (ioctl(fd
, FS_IOC_GETFLAGS
, &old_attr
) < 0)
7806 new_attr
= (old_attr
& ~mask
) | (value
& mask
);
7807 if (new_attr
== old_attr
)
7810 if (ioctl(fd
, FS_IOC_SETFLAGS
, &new_attr
) < 0)
7816 int chattr_path(const char *p
, unsigned value
, unsigned mask
) {
7817 _cleanup_close_
int fd
= -1;
7824 fd
= open(p
, O_RDONLY
|O_CLOEXEC
|O_NOCTTY
|O_NOFOLLOW
);
7828 return chattr_fd(fd
, value
, mask
);
7831 int read_attr_fd(int fd
, unsigned *ret
) {
7834 if (ioctl(fd
, FS_IOC_GETFLAGS
, ret
) < 0)
7840 int read_attr_path(const char *p
, unsigned *ret
) {
7841 _cleanup_close_
int fd
= -1;
7846 fd
= open(p
, O_RDONLY
|O_CLOEXEC
|O_NOCTTY
|O_NOFOLLOW
);
7850 return read_attr_fd(fd
, ret
);
7853 int make_lock_file(const char *p
, int operation
, LockFile
*ret
) {
7854 _cleanup_close_
int fd
= -1;
7855 _cleanup_free_
char *t
= NULL
;
7859 * We use UNPOSIX locks if they are available. They have nice
7860 * semantics, and are mostly compatible with NFS. However,
7861 * they are only available on new kernels. When we detect we
7862 * are running on an older kernel, then we fall back to good
7863 * old BSD locks. They also have nice semantics, but are
7864 * slightly problematic on NFS, where they are upgraded to
7865 * POSIX locks, even though locally they are orthogonal to
7875 .l_type
= (operation
& ~LOCK_NB
) == LOCK_EX
? F_WRLCK
: F_RDLCK
,
7876 .l_whence
= SEEK_SET
,
7880 fd
= open(p
, O_CREAT
|O_RDWR
|O_NOFOLLOW
|O_CLOEXEC
|O_NOCTTY
, 0600);
7884 r
= fcntl(fd
, (operation
& LOCK_NB
) ? F_OFD_SETLK
: F_OFD_SETLKW
, &fl
);
7887 /* If the kernel is too old, use good old BSD locks */
7888 if (errno
== EINVAL
)
7889 r
= flock(fd
, operation
);
7892 return errno
== EAGAIN
? -EBUSY
: -errno
;
7895 /* If we acquired the lock, let's check if the file
7896 * still exists in the file system. If not, then the
7897 * previous exclusive owner removed it and then closed
7898 * it. In such a case our acquired lock is worthless,
7899 * hence try again. */
7904 if (st
.st_nlink
> 0)
7907 fd
= safe_close(fd
);
7912 ret
->operation
= operation
;
7920 int make_lock_file_for(const char *p
, int operation
, LockFile
*ret
) {
7928 if (!filename_is_valid(fn
))
7931 t
= newa(char, strlen(p
) + 2 + 4 + 1);
7932 stpcpy(stpcpy(stpcpy(mempcpy(t
, p
, fn
- p
), ".#"), fn
), ".lck");
7934 return make_lock_file(t
, operation
, ret
);
7937 void release_lock_file(LockFile
*f
) {
7945 /* If we are the exclusive owner we can safely delete
7946 * the lock file itself. If we are not the exclusive
7947 * owner, we can try becoming it. */
7950 (f
->operation
& ~LOCK_NB
) == LOCK_SH
) {
7951 static const struct flock fl
= {
7953 .l_whence
= SEEK_SET
,
7956 r
= fcntl(f
->fd
, F_OFD_SETLK
, &fl
);
7957 if (r
< 0 && errno
== EINVAL
)
7958 r
= flock(f
->fd
, LOCK_EX
|LOCK_NB
);
7961 f
->operation
= LOCK_EX
|LOCK_NB
;
7964 if ((f
->operation
& ~LOCK_NB
) == LOCK_EX
)
7965 unlink_noerrno(f
->path
);
7971 f
->fd
= safe_close(f
->fd
);
7975 static size_t nul_length(const uint8_t *p
, size_t sz
) {
7990 ssize_t
sparse_write(int fd
, const void *p
, size_t sz
, size_t run_length
) {
7991 const uint8_t *q
, *w
, *e
;
7999 n
= nul_length(q
, e
- q
);
8001 /* If there are more than the specified run length of
8002 * NUL bytes, or if this is the beginning or the end
8003 * of the buffer, then seek instead of write */
8004 if ((n
> run_length
) ||
8005 (n
> 0 && q
== p
) ||
8006 (n
> 0 && q
+ n
>= e
)) {
8008 l
= write(fd
, w
, q
- w
);
8015 if (lseek(fd
, n
, SEEK_CUR
) == (off_t
) -1)
8027 l
= write(fd
, w
, q
- w
);
8034 return q
- (const uint8_t*) p
;
8037 void sigkill_wait(pid_t
*pid
) {
8043 if (kill(*pid
, SIGKILL
) > 0)
8044 (void) wait_for_terminate(*pid
, NULL
);
8047 int syslog_parse_priority(const char **p
, int *priority
, bool with_facility
) {
8048 int a
= 0, b
= 0, c
= 0;
8058 if (!strchr(*p
, '>'))
8061 if ((*p
)[2] == '>') {
8062 c
= undecchar((*p
)[1]);
8064 } else if ((*p
)[3] == '>') {
8065 b
= undecchar((*p
)[1]);
8066 c
= undecchar((*p
)[2]);
8068 } else if ((*p
)[4] == '>') {
8069 a
= undecchar((*p
)[1]);
8070 b
= undecchar((*p
)[2]);
8071 c
= undecchar((*p
)[3]);
8076 if (a
< 0 || b
< 0 || c
< 0 ||
8077 (!with_facility
&& (a
|| b
|| c
> 7)))
8081 *priority
= a
*100 + b
*10 + c
;
8083 *priority
= (*priority
& LOG_FACMASK
) | c
;
8089 ssize_t
string_table_lookup(const char * const *table
, size_t len
, const char *key
) {
8095 for (i
= 0; i
< len
; ++i
)
8096 if (streq_ptr(table
[i
], key
))
8102 void cmsg_close_all(struct msghdr
*mh
) {
8103 struct cmsghdr
*cmsg
;
8107 for (cmsg
= CMSG_FIRSTHDR(mh
); cmsg
; cmsg
= CMSG_NXTHDR(mh
, cmsg
))
8108 if (cmsg
->cmsg_level
== SOL_SOCKET
&& cmsg
->cmsg_type
== SCM_RIGHTS
)
8109 close_many((int*) CMSG_DATA(cmsg
), (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int));
8112 int rename_noreplace(int olddirfd
, const char *oldpath
, int newdirfd
, const char *newpath
) {
8116 ret
= renameat2(olddirfd
, oldpath
, newdirfd
, newpath
, RENAME_NOREPLACE
);
8120 /* Even though renameat2() exists since Linux 3.15, btrfs added
8121 * support for it later. If it is not implemented, fallback to another
8123 if (errno
!= EINVAL
)
8126 /* The link()/unlink() fallback does not work on directories. But
8127 * renameat() without RENAME_NOREPLACE gives the same semantics on
8128 * directories, except when newpath is an *empty* directory. This is
8130 ret
= fstatat(olddirfd
, oldpath
, &buf
, AT_SYMLINK_NOFOLLOW
);
8131 if (ret
>= 0 && S_ISDIR(buf
.st_mode
)) {
8132 ret
= renameat(olddirfd
, oldpath
, newdirfd
, newpath
);
8133 return ret
>= 0 ? 0 : -errno
;
8136 /* If it is not a directory, use the link()/unlink() fallback. */
8137 ret
= linkat(olddirfd
, oldpath
, newdirfd
, newpath
, 0);
8141 ret
= unlinkat(olddirfd
, oldpath
, 0);
8143 /* backup errno before the following unlinkat() alters it */
8145 (void) unlinkat(newdirfd
, newpath
, 0);
8153 char *shell_maybe_quote(const char *s
) {
8159 /* Encloses a string in double quotes if necessary to make it
8160 * OK as shell string. */
8162 for (p
= s
; *p
; p
++)
8165 strchr(SHELL_NEED_QUOTES
, *p
))
8171 r
= new(char, 1+strlen(s
)*2+1+1);
8177 t
= mempcpy(t
, s
, p
- s
);
8181 if (strchr(SHELL_NEED_ESCAPE
, *p
))